SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b597beb8d4cf6e056cf6b0d943398eacdbddcc0a.
Database Entry
| SHA1 Fingerprint: | b597beb8d4cf6e056cf6b0d943398eacdbddcc0a |
|---|---|
| Certificate Common Name (CN): | luntrounduke.sh |
| Issuer Distinguished Name (DN): | luntrounduke.sh |
| TLS Version: | TLSv1 |
| First seen: | 2015-10-23 07:02:00 UTC |
| Last seen: | 2015-10-23 13:51:54 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-10-23 12:52:11 |
| Malware samples: | 2 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-10-23 13:51:54 | 4ef57741ccba192388604fd391b25c9d |  3/55 (5.45%)
| 68.168.100.232:6446 | |
| 2015-10-23 13:51:54 | 4ef57741ccba192388604fd391b25c9d | 3/55 (5.45%)
| 68.168.100.232:6446 | |
| 2015-10-23 07:02:00 | ad03974277f7954c504893db14a64a86 | 13/55 (23.64%)
| Dridex | 68.168.100.232:6446 |
| 2015-10-23 07:02:00 | ad03974277f7954c504893db14a64a86 | 13/55 (23.64%)
| Dridex | 68.168.100.232:6446 |
# of entries: 4 (max: 100)