SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a74dab7a38fff112767280632912ba0370904801.

Database Entry

SHA1 Fingerprint:a74dab7a38fff112767280632912ba0370904801
Certificate Common Name (CN):wapeliebesat.md
Issuer Distinguished Name (DN):wapeliebesat.md
TLS Version:TLSv1
First seen:2015-11-30 07:57:23 UTC
Last seen:2016-01-09 02:42:04 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-11-30 08:08:54
Malware samples:13
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-01-09 02:42:04acac47dabcccc5ba0a03607eedca1f6cn/aDridex 46.22.134.78:4493
2016-01-09 02:42:04acac47dabcccc5ba0a03607eedca1f6cn/aDridex 46.22.134.78:4493
2015-12-03 22:22:07fc9474608e4bf2d68e156507e70f8537n/aDridex 46.22.134.78:4493
2015-12-03 22:22:07fc9474608e4bf2d68e156507e70f8537n/aDridex 46.22.134.78:4493
2015-12-03 20:20:09d8bb901746d91b65ade376b9c340e8cfVirustotal results 6/56 (10.71%) Dridex 46.22.134.78:4493
2015-12-03 20:20:09d8bb901746d91b65ade376b9c340e8cfVirustotal results 6/56 (10.71%) Dridex 46.22.134.78:4493
2015-12-03 10:14:5528db91c1b577b5db79196480a17a6bb3n/aDridex 46.22.134.78:4493
2015-12-03 10:14:5528db91c1b577b5db79196480a17a6bb3n/aDridex 46.22.134.78:4493
2015-12-03 02:25:51cfffb94c9c65ca9a53456c450ba3283bn/aDridex 46.22.134.78:4493
2015-12-03 02:25:51cfffb94c9c65ca9a53456c450ba3283bn/aDridex 46.22.134.78:4493
2015-12-02 23:37:312045e00346a42e0f7987b11a2b50d4dan/aDridex 46.22.134.78:4493
2015-12-02 23:37:312045e00346a42e0f7987b11a2b50d4dan/aDridex 46.22.134.78:4493
2015-12-01 16:51:14588f8765ba6d4739ba17831b2f801926Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-12-01 16:51:14588f8765ba6d4739ba17831b2f801926Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-12-01 15:10:412d7c9e97b103800f0d35094c1116f1e0n/aDridex 46.22.134.78:4493
2015-12-01 15:10:412d7c9e97b103800f0d35094c1116f1e0n/aDridex 46.22.134.78:4493
2015-12-01 15:03:570983ffa855d8ab95854d7ecb616f02e1Virustotal results 4/56 (7.14%) Dridex 46.22.134.78:4493
2015-12-01 15:03:570983ffa855d8ab95854d7ecb616f02e1Virustotal results 4/56 (7.14%) Dridex 46.22.134.78:4493
2015-12-01 10:31:34cdc9cedefc1c9fced547571001fd286cn/aDridex 46.22.134.78:4493
2015-12-01 10:31:34cdc9cedefc1c9fced547571001fd286cn/aDridex 46.22.134.78:4493
2015-12-01 02:06:505b7b9d98b760ce269c6447442adcb7f6Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-12-01 02:06:505b7b9d98b760ce269c6447442adcb7f6Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-11-30 23:49:411f1ce7b772f876f0d7298ec90f895983Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-11-30 23:49:411f1ce7b772f876f0d7298ec90f895983Virustotal results 3/56 (5.36%) Dridex 46.22.134.78:4493
2015-11-30 07:57:2346e0114e77c26ceacd866c5dda8c8c67Virustotal results 4/55 (7.27%) Dridex 46.22.134.78:4493
2015-11-30 07:57:2346e0114e77c26ceacd866c5dda8c8c67Virustotal results 4/55 (7.27%) Dridex 46.22.134.78:4493

# of entries: 26 (max: 100)