SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 814cae810c29fd37d75ca2657d73a0d35c2840d8.

Database Entry


SHA1 Fingerprint:814cae810c29fd37d75ca2657d73a0d35c2840d8
Certificate Common Name (CN):llafondtofcthe.af
Issuer Distinguished Name (DN):llafondtofcthe.af
TLS Version:TLSv1
First seen:2015-08-19 08:29:41 UTC
Last seen:2015-08-30 15:38:48 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-08-19 08:51:46
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-08-30 15:38:48060786d36af20bbc743e2d829591f96eVirustotal results 2/57 (3.51%) Dridex 80.247.233.18:1443
2015-08-24 13:11:426873c4653842e311f001cbe6992c4d4dVirustotal results 10/57 (17.54%) Dridex 80.247.233.18:1443
2015-08-24 11:29:46fde70e305fbf154f4010dbb778702582Virustotal results 0/57 (0.00%) 80.247.233.18:1443
2015-08-23 13:36:21c6edbdee0edfc05faad4be65c4c9bdabVirustotal results 1/56 (1.79%) 80.247.233.18:1443
2015-08-22 03:37:56014c9c5b650df20f58384bdcec93c040Virustotal results 1/57 (1.75%) Dridex 80.247.233.18:1443
2015-08-20 05:50:277ab7e455fe58b23f821602144113e9f4Virustotal results 2/57 (3.51%) Dridex 80.247.233.18:1443
2015-08-19 08:29:418e8d3c7f558743a732b1c9d28179a1edn/aDridex 80.247.233.18:1443

# of entries: 7 (max: 100)