SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5e7c239541ada7230e39b6fc2e61b67ffde91007.
Database Entry
| SHA1 Fingerprint: | 5e7c239541ada7230e39b6fc2e61b67ffde91007 |
|---|---|
| Certificate Common Name (CN): | idcythef.tj |
| Issuer Distinguished Name (DN): | idcythef.tj |
| TLS Version: | TLS 1.2 |
| First seen: | 2015-08-11 08:34:12 UTC |
| Last seen: | 2015-08-12 13:31:34 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-08-11 08:43:08 |
| Malware samples: | 5 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-08-12 13:31:34 | 35646e6bb33303e35a685580222bdf78 |  23/57 (40.35%)
| Dridex | 141.0.177.142:443 |
| 2015-08-12 13:31:34 | 35646e6bb33303e35a685580222bdf78 | 23/57 (40.35%)
| Dridex | 141.0.177.142:443 |
| 2015-08-12 08:25:01 | 266d7ec1c68bcf695a954e1b5161e116 | 5/57 (8.77%)
| Dridex | 94.23.110.45:443 |
| 2015-08-12 08:25:01 | 266d7ec1c68bcf695a954e1b5161e116 | 5/57 (8.77%)
| Dridex | 94.23.110.45:443 |
| 2015-08-12 07:24:45 | 583b987ab786b387518e755e11c04621 | 5/57 (8.77%)
| Dridex | 94.23.110.45:443 |
| 2015-08-12 07:24:45 | 583b987ab786b387518e755e11c04621 | 5/57 (8.77%)
| Dridex | 94.23.110.45:443 |
| 2015-08-11 16:47:11 | 9b4611ae8cea3d0f7e155b95e49f669e | 1/57 (1.75%)
| Dridex | 94.23.110.45:443 |
| 2015-08-11 16:47:11 | 9b4611ae8cea3d0f7e155b95e49f669e | 1/57 (1.75%)
| Dridex | 94.23.110.45:443 |
| 2015-08-11 08:34:12 | f5a280d43b27a2a7256b319902773ed5 | 6/55 (10.91%)
| Dridex | 94.23.110.45:443 |
| 2015-08-11 08:34:12 | f5a280d43b27a2a7256b319902773ed5 | 6/55 (10.91%)
| Dridex | 94.23.110.45:443 |
# of entries: 10 (max: 100)