SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 950cb0cfd0a0869adb19fa009db74b83ea6da4dd.

Database Entry


SHA1 Fingerprint:950cb0cfd0a0869adb19fa009db74b83ea6da4dd
Certificate Common Name (CN):southnorth.org
Issuer Distinguished Name (DN):southnorth.org
TLS Version:TLS 1.2
First seen:2015-06-01 11:36:54 UTC
Last seen:2015-06-01 17:13:38 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-06-01 13:13:54
Malware samples:3
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-06-01 17:13:380d02257ec18b92b3c1cf58b8cb6b3d37Virustotal results 7/56 (12.50%) Dridex 31.186.99.250:8443
2015-06-01 12:54:527008675da5c1b0a6b59834d125fafa45Virustotal results 4/56 (7.14%) Dridex 31.186.99.250:8443
2015-06-01 11:36:544d38e00fe4cb475ab5d532ccb30d907bVirustotal results 4/56 (7.14%) Dridex 31.186.99.250:8443

# of entries: 3 (max: 100)