SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5e488a46826ee418e6bba56ad9037290d3f8be52.

Database Entry

SHA1 Fingerprint:	5e488a46826ee418e6bba56ad9037290d3f8be52
Certificate Common Name (CN):	seleadfabas.mg
Issuer Distinguished Name (DN):	seleadfabas.mg
TLS Version:	TLS 1.2
First seen:	2016-02-26 06:50:00 UTC
Last seen:	2016-03-13 06:55:54 UTC
Status:	Blacklisted
Listing reason:	Dridex C&C
Listing date:	2016-02-26 07:03:44
Malware samples:	16
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2016-03-13 06:55:54	60df479901080da8444d4793eb24e630	39/57 (68.42%)	Dridex	81.93.151.248:4243
2016-03-13 06:55:54	60df479901080da8444d4793eb24e630	39/57 (68.42%)	Dridex	81.93.151.248:4243
2016-03-12 00:36:23	05e2a020e5c84958b2a2ff9d2e669d96	3/55 (5.45%)	Dridex	81.93.151.248:4243
2016-03-12 00:36:23	05e2a020e5c84958b2a2ff9d2e669d96	3/55 (5.45%)	Dridex	81.93.151.248:4243
2016-03-09 20:28:04	fee418a00dfbdeea956e903bf4de6672	12/57 (21.05%)	Dridex	81.93.151.248:4243
2016-03-09 20:28:04	fee418a00dfbdeea956e903bf4de6672	12/57 (21.05%)	Dridex	81.93.151.248:4243
2016-03-09 11:02:20	bf7a62cf72d938f4bcad84cd7f8ff5b8	9/56 (16.07%)	Dridex	81.93.151.248:4243
2016-03-09 11:02:20	bf7a62cf72d938f4bcad84cd7f8ff5b8	9/56 (16.07%)	Dridex	81.93.151.248:4243
2016-03-08 02:06:41	0dd477895e7534728ad1f09375594a77	4/56 (7.14%)	Dridex	81.93.151.248:4243
2016-03-08 02:06:41	0dd477895e7534728ad1f09375594a77	4/56 (7.14%)	Dridex	81.93.151.248:4243
2016-03-07 03:12:57	ece2500c97dcd01b690602dc6df0304a	3/54 (5.56%)	Dridex	81.93.151.248:4243
2016-03-07 03:12:57	ece2500c97dcd01b690602dc6df0304a	3/54 (5.56%)	Dridex	81.93.151.248:4243
2016-03-06 22:04:52	aecadaf6c8880f773b51afea6b0af099	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-03-06 22:04:52	aecadaf6c8880f773b51afea6b0af099	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-03-06 20:45:54	266201f0a19f47215bd98d6bf6dbb28f	20/56 (35.71%)	Dridex	81.93.151.248:4243
2016-03-06 20:45:54	266201f0a19f47215bd98d6bf6dbb28f	20/56 (35.71%)	Dridex	81.93.151.248:4243
2016-03-04 01:48:15	a40f255242fe07927b1402d7b36a681a	1/55 (1.82%)	Dridex	81.93.151.248:4243
2016-03-04 01:48:15	a40f255242fe07927b1402d7b36a681a	1/55 (1.82%)	Dridex	81.93.151.248:4243
2016-03-03 12:49:00	37c6b74e6a095bd40c5ab75ee67e728a	8/56 (14.29%)	Dridex	81.93.151.248:4243
2016-03-03 12:49:00	37c6b74e6a095bd40c5ab75ee67e728a	8/56 (14.29%)	Dridex	81.93.151.248:4243
2016-03-02 12:45:17	ee0c2f2d7521303399b1268c864da083	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-03-02 12:45:17	ee0c2f2d7521303399b1268c864da083	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-02-29 19:44:38	6af47bc62ef76b8486373ea7190282a9	12/56 (21.43%)	Dridex	81.93.151.248:4243
2016-02-29 19:44:38	6af47bc62ef76b8486373ea7190282a9	12/56 (21.43%)	Dridex	81.93.151.248:4243
2016-02-29 06:23:40	1599ddb280a13316c1587a2f6f763d1e	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-02-29 06:23:40	1599ddb280a13316c1587a2f6f763d1e	6/56 (10.71%)	Dridex	81.93.151.248:4243
2016-02-29 04:46:46	3ec3103de049b50a6f12795632512335	10/55 (18.18%)	Dridex	81.93.151.248:4243
2016-02-29 04:46:46	3ec3103de049b50a6f12795632512335	10/55 (18.18%)	Dridex	81.93.151.248:4243
2016-02-28 13:20:41	f030777d2c7dc3409077b44b3440859e	27/56 (48.21%)	Dridex	81.93.151.248:4243
2016-02-28 13:20:41	f030777d2c7dc3409077b44b3440859e	27/56 (48.21%)	Dridex	81.93.151.248:4243
2016-02-26 06:50:00	e574046e46e003e40ff33f89cfb25d8f	12/55 (21.82%)	Dridex	81.93.151.248:4243
2016-02-26 06:50:00	e574046e46e003e40ff33f89cfb25d8f	12/55 (21.82%)	Dridex	81.93.151.248:4243

# of entries: 32 (max: 100)