SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint acb96e00e0d811742d7281bb616198cc803c371b.

Database Entry


SHA1 Fingerprint:acb96e00e0d811742d7281bb616198cc803c371b
Certificate Common Name (CN):southnorth.org
Issuer Distinguished Name (DN):southnorth.org
TLS Version:SSLv3
First seen:2015-06-04 08:20:12 UTC
Last seen:2015-06-08 10:39:48 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-06-04 10:36:18
Malware samples:2
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-06-08 10:39:4848d496afc9c2c123e1ab0c72822a7975Virustotal results 6/57 (10.53%) Dridex 146.185.128.226:8443
2015-06-08 10:39:4848d496afc9c2c123e1ab0c72822a7975Virustotal results 6/57 (10.53%) Dridex 146.185.128.226:8443
2015-06-04 08:20:1281b312dbcf901aadfd2d05a0c8492f77Virustotal results 36/57 (63.16%) Dridex 146.185.128.226:8443
2015-06-04 08:20:1281b312dbcf901aadfd2d05a0c8492f77Virustotal results 36/57 (63.16%) Dridex 146.185.128.226:8443

# of entries: 4 (max: 100)