SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 6fc7fe77aaac09d078cb50039ec507f964082583.

Database Entry


SHA1 Fingerprint:6fc7fe77aaac09d078cb50039ec507f964082583
Certificate Common Name (CN):southnorth.org
Issuer Distinguished Name (DN):southnorth.org
TLS Version:TLSv1
First seen:2015-06-16 22:51:41 UTC
Last seen:2015-06-18 11:57:39 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-06-17 06:56:50
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-06-18 11:57:39dd9e17a7170fc042dfee41084279bf45Virustotal results 7/57 (12.28%) Dridex 37.143.11.165:4443
2015-06-17 20:23:15ea4bbf027eb58b92566eb4d98002f976Virustotal results 6/57 (10.53%) Dridex 37.143.11.165:4443
2015-06-17 14:34:59df2a0fce92a362fa1d893b8f8b6f4629Virustotal results 2/57 (3.51%) 37.143.11.165:4443
2015-06-16 23:09:50616498907d688f5e31d7ac31ebe4b85cVirustotal results 5/57 (8.77%) Dridex 37.143.11.165:4443
2015-06-16 22:51:41cf535d8d5c0338ed590cb6bb9a65944fVirustotal results 4/57 (7.02%) Dridex 37.143.11.165:4443

# of entries: 5 (max: 100)