SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 7e75cdf922b9a24f86da31581ae4c62dc1bd25b0.

Database Entry

SHA1 Fingerprint:	7e75cdf922b9a24f86da31581ae4c62dc1bd25b0
Certificate Common Name (CN):	C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Issuer Distinguished Name (DN):	C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
TLS Version:	TLS 1.2
First seen:	2016-07-31 14:34:52 UTC
Last seen:	2016-09-09 00:25:53 UTC
Status:	Blacklisted
Listing reason:	RockLoader C&C
Listing date:	2016-08-31 10:52:33
Malware samples:	6
Botnet C&Cs:	4

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2016-09-09 00:25:53	7ceecc243f51fd8f3f3002e1d723e86c	39/58 (67.24%)		216.126.225.149:443
2016-09-09 00:25:53	7ceecc243f51fd8f3f3002e1d723e86c	39/58 (67.24%)		216.126.225.149:443
2016-09-07 07:04:56	055f0dc01c1a2b75b805a638f9adb3d0	19/58 (32.76%)		66.85.27.108:443
2016-09-07 07:04:56	055f0dc01c1a2b75b805a638f9adb3d0	19/58 (32.76%)		66.85.27.108:443
2016-09-06 14:11:14	a61a8fa13d303a054abd1259c2522d4f	32/58 (55.17%)		216.126.225.149:443
2016-09-06 14:11:14	a61a8fa13d303a054abd1259c2522d4f	32/58 (55.17%)		216.126.225.149:443
2016-08-30 14:53:56	be6fb7580b1cdae0d16f1a93c6d964b4	35/58 (60.34%)	RockLoader	5.1.75.220:443
2016-08-30 14:53:56	be6fb7580b1cdae0d16f1a93c6d964b4	35/58 (60.34%)	RockLoader	5.1.75.220:443
2016-08-07 02:34:56	67579438b5cfa013bfb9f6ad3cf532eb	23/53 (43.40%)	Locky	23.249.164.126:443
2016-08-07 02:34:56	67579438b5cfa013bfb9f6ad3cf532eb	23/53 (43.40%)	Locky	23.249.164.126:443
2016-07-31 14:34:52	58a45542bc7bc051e2a8f0658ecec636	36/53 (67.92%)	Locky	23.249.164.126:443
2016-07-31 14:34:52	58a45542bc7bc051e2a8f0658ecec636	36/53 (67.92%)	Locky	23.249.164.126:443

# of entries: 12 (max: 100)