SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint df78b019bc298bc97217bee62327fcc6970ae454.
Database Entry
| SHA1 Fingerprint: | df78b019bc298bc97217bee62327fcc6970ae454 |
|---|---|
| Certificate Common Name (CN): | catttboret.tp |
| Issuer Distinguished Name (DN): | catttboret.tp |
| TLS Version: | TLSv1 |
| First seen: | 2015-08-04 12:03:15 UTC |
| Last seen: | 2015-08-06 08:12:21 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-08-04 12:11:05 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-08-06 08:12:21 | 2934c524678e7e1447653e72a1e8ca3b |  4/55 (7.27%)
| 194.58.111.157:448 | |
| 2015-08-06 08:12:21 | 2934c524678e7e1447653e72a1e8ca3b | 4/55 (7.27%)
| 194.58.111.157:448 | |
| 2015-08-05 08:27:29 | 8f3063ef8032799f71507b8f88f8a1c5 | 3/55 (5.45%)
| Dridex | 194.58.111.157:448 |
| 2015-08-05 08:27:29 | 8f3063ef8032799f71507b8f88f8a1c5 | 3/55 (5.45%)
| Dridex | 194.58.111.157:448 |
| 2015-08-04 12:58:49 | 38bc5f2b0e9028069e2a5034556ea385 | 2/54 (3.70%)
| Dridex | 194.58.111.157:448 |
| 2015-08-04 12:58:49 | 38bc5f2b0e9028069e2a5034556ea385 | 2/54 (3.70%)
| Dridex | 194.58.111.157:448 |
| 2015-08-04 12:03:15 | f3a17cb9919d6d5e92af37f0a3f71575 | 2/55 (3.64%)
| Dridex | 194.58.111.157:448 |
| 2015-08-04 12:03:15 | f3a17cb9919d6d5e92af37f0a3f71575 | 2/55 (3.64%)
| Dridex | 194.58.111.157:448 |
# of entries: 8 (max: 100)