SSL Certificates

The following table shows further information about the SSL certificate with fingerprint 609d6866ef001b9411fe9a95e472957fef282e38, together with a list of the malware samples and the corresponding botnet C&Cs associated with it.

Database Entry


SHA1 Fingerprint: 609d6866ef001b9411fe9a95e472957fef282e38
Certificate Common Name (CN): apertmpusayfim.cr
Issuer Distinguished Name (DN): apertmpusayfim.cr
TLS Version: TLSv1
First seen: 2015-11-10 12:10:56 UTC
Last seen: 2015-11-23 16:54:24 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-11-10 12:34:20
Malware samples: 7
Botnet C&Cs: 3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-11-23 16:54:24 | 5173d1be2f44e2346678f8249379bb84 | Virustotal results 5/53 (9.43%) | Dridex | 91.212.89.239:443 |
| 2015-11-23 13:29:33 | 7e6cfd542440e913e661a94f6a711ab4 | Virustotal results 3/55 (5.45%) | Dridex | 91.212.89.239:443 |
| 2015-11-20 13:33:24 | 1cc15b42130a5ec4c3a5d399ea6233dc | Virustotal results 4/53 (7.55%) | Dridex | 91.212.89.239:443 |
| 2015-11-20 10:55:16 | d410a45dc4710ea0d383dee81fbbcb6f | Virustotal results 4/52 (7.69%) | Dridex | 91.212.89.239:443 |
| 2015-11-18 22:34:34 | 12b8234abc8840387350ce919ab2179c | Virustotal results 34/55 (61.82%) | Dridex | 89.189.174.19:444 |
| 2015-11-18 17:34:55 | 6581b83c82ef4a2d940976a47550fb2c | Virustotal results 12/56 (21.43%) | Dridex | 89.189.174.19:444 |
| 2015-11-10 12:10:56 | 2845499946fd5882f94cc9a4375b364a | Virustotal results 2/52 (3.85%) | Dridex | 173.45.192.173:443 |

# of entries: 7 (max: 100)