SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 613c9682e987177bee34a4400d5b08b78b42a5b5.

Database Entry


SHA1 Fingerprint:613c9682e987177bee34a4400d5b08b78b42a5b5
Certificate Common Name (CN):thatatheodofri.thabeswnc.an
Issuer Distinguished Name (DN):thatatheodofri.thabeswnc.an
TLS Version:TLSv1
First seen:2017-03-22 18:36:07 UTC
Last seen:2017-03-23 15:44:10 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2017-03-23 19:07:13
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-03-23 15:44:10b0091c348e617462964b5ddf72d7073cVirustotal results 33/62 (53.23%) Dridex 8.8.247.36:443
2017-03-23 12:55:06802eb0928efd197e78afb1c6a5aa1915Virustotal results 44/61 (72.13%) Dridex 8.8.247.36:443
2017-03-23 03:05:05c215eb225a354f41a68091100885d4ecVirustotal results 36/61 (59.02%) Dridex 8.8.247.36:443
2017-03-22 18:51:4484abdddea487cef7c19b2ec37f613420n/aDridex 8.8.247.36:443
2017-03-22 18:42:357e6b5a2f93879a2aa4dd421889e880dan/aDridex 8.8.247.36:443
2017-03-22 18:38:4661fbc54d879a307ccfac2c862280507fn/aDridex 8.8.247.36:443
2017-03-22 18:36:079122dca70f0acb1df0b14b86072435ddn/aDridex 8.8.247.36:443

# of entries: 7 (max: 100)