SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 950cb0cfd0a0869adb19fa009db74b83ea6da4dd.
Database Entry
| SHA1 Fingerprint: | 950cb0cfd0a0869adb19fa009db74b83ea6da4dd |
|---|---|
| Certificate Common Name (CN): | southnorth.org |
| Issuer Distinguished Name (DN): | southnorth.org |
| TLS Version: | TLS 1.2 |
| First seen: | 2015-06-01 11:36:54 UTC |
| Last seen: | 2015-06-01 17:13:38 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-06-01 13:13:54 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-06-01 17:13:38 | 0d02257ec18b92b3c1cf58b8cb6b3d37 |  7/56 (12.50%)
| Dridex | 31.186.99.250:8443 |
| 2015-06-01 17:13:38 | 0d02257ec18b92b3c1cf58b8cb6b3d37 | 7/56 (12.50%)
| Dridex | 31.186.99.250:8443 |
| 2015-06-01 12:54:52 | 7008675da5c1b0a6b59834d125fafa45 | 4/56 (7.14%)
| Dridex | 31.186.99.250:8443 |
| 2015-06-01 12:54:52 | 7008675da5c1b0a6b59834d125fafa45 | 4/56 (7.14%)
| Dridex | 31.186.99.250:8443 |
| 2015-06-01 11:36:54 | 4d38e00fe4cb475ab5d532ccb30d907b | 4/56 (7.14%)
| Dridex | 31.186.99.250:8443 |
| 2015-06-01 11:36:54 | 4d38e00fe4cb475ab5d532ccb30d907b | 4/56 (7.14%)
| Dridex | 31.186.99.250:8443 |
# of entries: 6 (max: 100)