SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ec5b81f7e1eab37fd7d66172d88ef691fdddff06.
Database Entry
| SHA1 Fingerprint: | ec5b81f7e1eab37fd7d66172d88ef691fdddff06 |
|---|---|
| Certificate Common Name (CN): | wiabesuib.mh |
| Issuer Distinguished Name (DN): | wiabesuib.mh |
| TLS Version: | TLSv1 |
| First seen: | 2016-01-29 06:03:46 UTC |
| Last seen: | 2016-02-01 06:25:00 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2016-01-29 07:25:38 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-02-01 06:25:00 | 3b72a55fa82668f635db2b12feb2e30e |  37/54 (68.52%)
| Dridex | 202.69.40.173:243 |
| 2016-02-01 06:25:00 | 3b72a55fa82668f635db2b12feb2e30e | 37/54 (68.52%)
| Dridex | 202.69.40.173:243 |
| 2016-01-29 14:48:45 | 875b5f2cfbd07f918c954b2ed4b8d0df | 38/55 (69.09%)
| Dridex | 202.69.40.173:243 |
| 2016-01-29 14:48:45 | 875b5f2cfbd07f918c954b2ed4b8d0df | 38/55 (69.09%)
| Dridex | 202.69.40.173:243 |
| 2016-01-29 06:03:47 | b70ae516f434af87a90668a6c87ea202 | 26/53 (49.06%)
| Dridex | 202.69.40.173:243 |
| 2016-01-29 06:03:47 | b70ae516f434af87a90668a6c87ea202 | 26/53 (49.06%)
| Dridex | 202.69.40.173:243 |
# of entries: 6 (max: 100)