SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a672ac43cf28e66916275bc21bd874b50ee791f2.

Database Entry


SHA1 Fingerprint:a672ac43cf28e66916275bc21bd874b50ee791f2
Certificate Common Name (CN):southnorth.org
Issuer Distinguished Name (DN):southnorth.org
TLS Version:SSLv3
First seen:2015-05-27 01:20:06 UTC
Last seen:2015-05-28 07:42:25 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-05-28 09:06:16
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-05-28 07:42:25f34d86b26d7350e5fb9af3b16c2f398eVirustotal results 42/57 (73.68%) Dridex 185.11.247.226:8443
2015-05-28 06:45:3381b2874e4f203da4f95c35fb99fc86cdVirustotal results 38/57 (66.67%) Dridex 185.11.247.226:8443
2015-05-28 02:25:31c9b436c598c7fbe776b38d5b74301aa3Virustotal results 36/57 (63.16%) 185.11.247.226:8443
2015-05-27 23:44:0639641ca134d30da1dd93ea663f6c024cVirustotal results 33/56 (58.93%) Dridex 185.11.247.226:8443
2015-05-27 17:44:5922525a6ec8492984cc0fdba70ef559d0Virustotal results 22/56 (39.29%) Dridex 185.11.247.226:8443
2015-05-27 15:29:063b3584ca242581605f812ca385461ae1Virustotal results 39/56 (69.64%) 185.11.247.226:8443
2015-05-27 01:20:0671953b6772af656708209ed965d8a4f9Virustotal results 38/57 (66.67%) 185.11.247.226:8443

# of entries: 7 (max: 100)