SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e265599c761510f99b95987f42b6209e5e6f4485.

Database Entry


SHA1 Fingerprint: e265599c761510f99b95987f42b6209e5e6f4485
Certificate Common Name (CN): enwiersiothet.pm
Issuer Distinguished Name (DN): enwiersiothet.pm
TLS Version: TLS 1.2
First seen: 2015-08-19 08:29:41 UTC
Last seen: 2015-08-24 11:29:46 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-08-19 08:51:47
Malware samples: 3
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-08-24 11:29:46 | fde70e305fbf154f4010dbb778702582 | Virustotal results 0/57 (0.00%) | | 69.164.213.85:1443 |
| 2015-08-24 11:29:46 | fde70e305fbf154f4010dbb778702582 | Virustotal results 0/57 (0.00%) | | 69.164.213.85:1443 |
| 2015-08-23 13:36:21 | c6edbdee0edfc05faad4be65c4c9bdab | Virustotal results 1/56 (1.79%) | | 69.164.213.85:1443 |
| 2015-08-23 13:36:21 | c6edbdee0edfc05faad4be65c4c9bdab | Virustotal results 1/56 (1.79%) | | 69.164.213.85:1443 |
| 2015-08-19 08:29:41 | 8e8d3c7f558743a732b1c9d28179a1ed | n/a | Dridex | 69.164.213.85:1443 |
| 2015-08-19 08:29:41 | 8e8d3c7f558743a732b1c9d28179a1ed | n/a | Dridex | 69.164.213.85:1443 |

# of entries: 6 (max: 100)