SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a9cdc9f74a9d669a9f511095c0996ac20f9dcf7f.

Database Entry


SHA1 Fingerprint: a9cdc9f74a9d669a9f511095c0996ac20f9dcf7f
Certificate Common Name (CN): etysirersllsla.td
Issuer Distinguished Name (DN): etysirersllsla.td
TLS Version: SSLv3
First seen: 2016-03-09 14:59:59 UTC
Last seen: 2016-04-24 02:56:25 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2016-03-09 15:28:04
Malware samples: 8
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)
2016-04-24 02:56:25 | ec58a876ac1e14db49727ec5961c60d9 | Virustotal results 36/56 (64.29%) | Dridex | 64.76.19.251:4243
2016-04-20 13:36:42 | 3a4f13d83d9845a4066112fb09f09c9c | Virustotal results 5/56 (8.93%) | Dridex | 64.76.19.251:4243
2016-04-09 18:27:02 | c868b3dd644e3bc72461a4f706101b20 | Virustotal results 30/57 (52.63%) | Dridex | 64.76.19.251:4243
2016-04-09 13:53:29 | ebc0ea8e87a0f04841d5ebd202a6feb2 | Virustotal results 26/57 (45.61%) | Dridex | 64.76.19.251:4243
2016-04-08 19:15:01 | 3d43a717dbf0bb6eb2d2ee42a8028944 | Virustotal results 5/56 (8.93%) | Dridex | 64.76.19.251:4243
2016-04-08 02:06:48 | edd6618ea7cd5be7f27fef8e281e2d87 | Virustotal results 33/57 (57.89%) | Dridex | 64.76.19.251:4243
2016-03-11 18:45:44 | d749d85e98c3310870196a80e2c3a159 | Virustotal results 34/56 (60.71%) | Dridex | 64.76.19.251:4243
2016-03-09 14:59:59 | 20327d6ea0476d644c383fed1e3effca | Virustotal results 2/55 (3.64%) | Dridex | 64.76.19.251:4243

# of entries: 8 (max: 100)