SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint df78b019bc298bc97217bee62327fcc6970ae454.

Database Entry


SHA1 Fingerprint:df78b019bc298bc97217bee62327fcc6970ae454
Certificate Common Name (CN):catttboret.tp
Issuer Distinguished Name (DN):catttboret.tp
TLS Version:TLSv1
First seen:2015-08-04 12:03:15 UTC
Last seen:2015-08-06 08:12:21 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-08-04 12:11:05
Malware samples:4
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-08-06 08:12:212934c524678e7e1447653e72a1e8ca3bVirustotal results 4/55 (7.27%) 194.58.111.157:448
2015-08-05 08:27:298f3063ef8032799f71507b8f88f8a1c5Virustotal results 3/55 (5.45%) Dridex 194.58.111.157:448
2015-08-04 12:58:4938bc5f2b0e9028069e2a5034556ea385Virustotal results 2/54 (3.70%) Dridex 194.58.111.157:448
2015-08-04 12:03:15f3a17cb9919d6d5e92af37f0a3f71575Virustotal results 2/55 (3.64%) Dridex 194.58.111.157:448

# of entries: 4 (max: 100)