SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 9b71130e301ed450a8bd2aba3a7f8ceb808cb626.
Database Entry
| SHA1 Fingerprint: | 9b71130e301ed450a8bd2aba3a7f8ceb808cb626 |
|---|---|
| Certificate Common Name (CN): | mehesweransqui.gh |
| Issuer Distinguished Name (DN): | mehesweransqui.gh |
| TLS Version: | TLSv1 |
| First seen: | 2016-03-08 09:29:01 UTC |
| Last seen: | 2016-03-26 05:00:42 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2016-03-08 09:35:34 |
| Malware samples: | 4 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-03-26 05:00:42 | 54bdf65b31b894f10395a3781bd5c2f1 |  9/57 (15.79%)
| Dridex | 212.126.59.41:443 |
| 2016-03-26 05:00:42 | 54bdf65b31b894f10395a3781bd5c2f1 | 9/57 (15.79%)
| Dridex | 212.126.59.41:443 |
| 2016-03-18 14:05:01 | 74afa7f3d84647672f0f4b4eec01676e | 8/55 (14.55%)
| Dridex | 93.104.211.103:443 |
| 2016-03-18 14:05:01 | 74afa7f3d84647672f0f4b4eec01676e | 8/55 (14.55%)
| Dridex | 93.104.211.103:443 |
| 2016-03-08 12:09:07 | 767fe5021ff678bd0b39467f73bda9fb | 2/54 (3.70%)
| Dridex | 46.22.128.133:443 |
| 2016-03-08 12:09:07 | 767fe5021ff678bd0b39467f73bda9fb | 2/54 (3.70%)
| Dridex | 46.22.128.133:443 |
| 2016-03-08 09:29:01 | 786c4a1e64aab338a73ec5563f01ffef | 2/56 (3.57%)
| Dridex | 46.22.128.133:443 |
| 2016-03-08 09:29:01 | 786c4a1e64aab338a73ec5563f01ffef | 2/56 (3.57%)
| Dridex | 46.22.128.133:443 |
# of entries: 8 (max: 100)