SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 80fffed849f615fd531d74e5e6b326e4f018dfc6.

Database Entry

SHA1 Fingerprint: 80fffed849f615fd531d74e5e6b326e4f018dfc6
Certificate Common Name (CN): arsdbyic.yu
Issuer Distinguished Name (DN): arsdbyic.yu
TLS Version: TLS 1.2
First seen: 2015-07-24 13:41:48 UTC
Last seen: 2015-07-27 09:18:22 UTC
Listing reason: Dridex C&C
Listing date: 2015-07-25 07:39:44
Malware samples: 6
Botnet C&Cs: 1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)
2015-07-27 09:18:22 | f480cf68fbc0e2b60a490e2d54de3a62 | Virustotal results 0/56 (0.00%) | Dridex |
2015-07-26 18:00:57 | 4011190388f764a9d1aab78bed4713b3 | Virustotal results 0/56 (0.00%) | Dridex |
2015-07-26 11:50:02 | 0478e2634f04e06c2ade5ba1e77b79de | Virustotal results 0/55 (0.00%) | Dridex |
2015-07-25 22:08:30 | 4990926cc1815d318eb1dc06c2831133 | Virustotal results 1/56 (1.79%) | Dridex |
2015-07-25 17:20:06 | 9d1d0632329f04d8b1ec21aff4ce6493 | Virustotal results 3/55 (5.45%) | Dridex |
2015-07-24 13:41:48 | 32230d747829dcf77841f594aa54915a | Virustotal results 0/55 (0.00%) | Dridex |

# of entries: 6 (max: 100)