SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 80fffed849f615fd531d74e5e6b326e4f018dfc6.

Database Entry

SHA1 Fingerprint:	80fffed849f615fd531d74e5e6b326e4f018dfc6
Certificate Common Name (CN):	arsdbyic.yu
Issuer Distinguished Name (DN):	arsdbyic.yu
TLS Version:	TLS 1.2
First seen:	2015-07-24 13:41:48 UTC
Last seen:	2015-07-27 09:18:22 UTC
Status:	Blacklisted
Listing reason:	Dridex C&C
Listing date:	2015-07-25 07:39:44
Malware samples:	6
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2015-07-27 09:18:22	f480cf68fbc0e2b60a490e2d54de3a62	0/56 (0.00%)	Dridex	94.23.110.45:443
2015-07-27 09:18:22	f480cf68fbc0e2b60a490e2d54de3a62	0/56 (0.00%)	Dridex	94.23.110.45:443
2015-07-26 18:00:57	4011190388f764a9d1aab78bed4713b3	0/56 (0.00%)	Dridex	94.23.110.45:443
2015-07-26 18:00:57	4011190388f764a9d1aab78bed4713b3	0/56 (0.00%)	Dridex	94.23.110.45:443
2015-07-26 11:50:02	0478e2634f04e06c2ade5ba1e77b79de	0/55 (0.00%)	Dridex	94.23.110.45:443
2015-07-26 11:50:02	0478e2634f04e06c2ade5ba1e77b79de	0/55 (0.00%)	Dridex	94.23.110.45:443
2015-07-25 22:08:30	4990926cc1815d318eb1dc06c2831133	1/56 (1.79%)	Dridex	94.23.110.45:443
2015-07-25 22:08:30	4990926cc1815d318eb1dc06c2831133	1/56 (1.79%)	Dridex	94.23.110.45:443
2015-07-25 17:20:06	9d1d0632329f04d8b1ec21aff4ce6493	3/55 (5.45%)	Dridex	94.23.110.45:443
2015-07-25 17:20:06	9d1d0632329f04d8b1ec21aff4ce6493	3/55 (5.45%)	Dridex	94.23.110.45:443
2015-07-24 13:41:48	32230d747829dcf77841f594aa54915a	0/55 (0.00%)	Dridex	94.23.110.45:443
2015-07-24 13:41:48	32230d747829dcf77841f594aa54915a	0/55 (0.00%)	Dridex	94.23.110.45:443

# of entries: 12 (max: 100)