SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e904d0bdb394443967a8b65d4321a08f5cf124c6.

Database Entry


SHA1 Fingerprint: e904d0bdb394443967a8b65d4321a08f5cf124c6
Certificate Common Name (CN): ithesteditohec.pw
Issuer Distinguished Name (DN): ithesteditohec.pw
TLS Version: TLSv1
First seen: 2016-01-20 10:57:00 UTC
Last seen: 2016-01-27 01:50:00 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2016-01-20 11:07:17
Malware samples: 6
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)     | Malware Sample (MD5 hash)        | VT                                | Signature | Botnet C&C (IP:port)
2016-01-27 01:50:00 | 7e32a8fdf74ee02a8a2bee2ab56e4eaf | Virustotal results 37/55 (67.27%) | Dridex    | 216.224.175.92:4143
2016-01-26 09:05:24 | b51b19928d9577040a409631769337e4 | Virustotal results 37/52 (71.15%) | Dridex    | 216.224.175.92:4143
2016-01-23 12:45:33 | 64f4c1e319c4430f059aa61e1faf9ef4 | Virustotal results 29/54 (53.70%) |           | 216.224.175.92:4143
2016-01-22 14:53:46 | f318a00a19249faaad1edba14c635384 | Virustotal results 1/53 (1.89%)   | Dridex    | 216.224.175.92:4143
2016-01-20 16:25:21 | 34781d4f8654f9547cc205061221aea5 | Virustotal results 1/54 (1.85%)   | Dridex    | 216.224.175.92:4143
2016-01-20 10:57:00 | 7db792adc71e9dc0f6bb28a5f802b7ab | Virustotal results 4/54 (7.41%)   | Dridex    | 216.224.175.92:4143

# of entries: 6 (max: 100)