SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 63bfabcfd345f94ec99afd5f6200fa3d4487f764.

Database Entry

SHA1 Fingerprint:63bfabcfd345f94ec99afd5f6200fa3d4487f764
Certificate Common Name (CN):fgmbrmiris.tg
Issuer Distinguished Name (DN):fgmbrmiris.tg
TLS Version:TLS 1.2
First seen:2016-01-07 21:29:05 UTC
Last seen:2016-01-21 11:09:49 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2016-01-08 07:26:57
Malware samples:13
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-01-21 11:09:49e6f67b358009f66f1a4840c1eff19c2eVirustotal results 4/53 (7.55%) Dridex 80.96.150.201:9943
2016-01-21 11:09:49e6f67b358009f66f1a4840c1eff19c2eVirustotal results 4/53 (7.55%) Dridex 80.96.150.201:9943
2016-01-20 23:34:00568fa9f53536f239b32f5d3006b47a9dVirustotal results 4/40 (10.00%) Dridex 80.96.150.201:9943
2016-01-20 23:34:00568fa9f53536f239b32f5d3006b47a9dVirustotal results 4/40 (10.00%) Dridex 80.96.150.201:9943
2016-01-20 16:50:431c47c725ac630df05585b5ca2cbdb478Virustotal results 25/54 (46.30%) Dridex 80.96.150.201:9943
2016-01-20 16:50:431c47c725ac630df05585b5ca2cbdb478Virustotal results 25/54 (46.30%) Dridex 80.96.150.201:9943
2016-01-20 14:43:22fb7129452062101c343ab6627102f0ebVirustotal results 18/55 (32.73%) Dridex 80.96.150.201:9943
2016-01-20 14:43:22fb7129452062101c343ab6627102f0ebVirustotal results 18/55 (32.73%) Dridex 80.96.150.201:9943
2016-01-20 06:21:076c96708f61ed1119dd6f9710b1945a23Virustotal results 24/54 (44.44%) Dridex 80.96.150.201:9943
2016-01-20 06:21:076c96708f61ed1119dd6f9710b1945a23Virustotal results 24/54 (44.44%) Dridex 80.96.150.201:9943
2016-01-18 11:08:059b766d4bda87ec4f52007fe916edee21Virustotal results 13/55 (23.64%) Dridex 80.96.150.201:9943
2016-01-18 11:08:059b766d4bda87ec4f52007fe916edee21Virustotal results 13/55 (23.64%) Dridex 80.96.150.201:9943
2016-01-18 09:50:39691c89784be37b5ed1d646163f2e0602Virustotal results 22/54 (40.74%) Dridex 80.96.150.201:9943
2016-01-18 09:50:39691c89784be37b5ed1d646163f2e0602Virustotal results 22/54 (40.74%) Dridex 80.96.150.201:9943
2016-01-17 16:48:0249f9e61fd7fd3e50b854082d91f40899Virustotal results 25/55 (45.45%) Dridex 80.96.150.201:9943
2016-01-17 16:48:0249f9e61fd7fd3e50b854082d91f40899Virustotal results 25/55 (45.45%) Dridex 80.96.150.201:9943
2016-01-13 09:18:498cfaf90bf572e528c2759f93c89b6986Virustotal results 21/56 (37.50%) Dridex 80.96.150.201:9943
2016-01-13 09:18:498cfaf90bf572e528c2759f93c89b6986Virustotal results 21/56 (37.50%) Dridex 80.96.150.201:9943
2016-01-09 19:44:318a4bb323d4227fc0edae33a9d2d99fc1Virustotal results 31/56 (55.36%) Dridex 80.96.150.201:9943
2016-01-09 19:44:318a4bb323d4227fc0edae33a9d2d99fc1Virustotal results 31/56 (55.36%) Dridex 80.96.150.201:9943
2016-01-08 15:36:20613f5e4139e8006e9d47cb562450bc4aVirustotal results 35/56 (62.50%) Dridex 80.96.150.201:9943
2016-01-08 15:36:20613f5e4139e8006e9d47cb562450bc4aVirustotal results 35/56 (62.50%) Dridex 80.96.150.201:9943
2016-01-08 13:02:125ab2a67268b3362802a13594edafbd2eVirustotal results 5/55 (9.09%) Dridex 80.96.150.201:9943
2016-01-08 13:02:125ab2a67268b3362802a13594edafbd2eVirustotal results 5/55 (9.09%) Dridex 80.96.150.201:9943
2016-01-07 21:29:05891dd0deaf82d9367d8e6a81300fdd13n/aDridex 80.96.150.201:9943
2016-01-07 21:29:05891dd0deaf82d9367d8e6a81300fdd13n/aDridex 80.96.150.201:9943

# of entries: 26 (max: 100)