SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 2ef006ec84c0e6baac9abb9c585a97d4c43213f6.

Database Entry


SHA1 Fingerprint:2ef006ec84c0e6baac9abb9c585a97d4c43213f6
Certificate Common Name (CN):C=XX, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):C=XX, L=Default City, O=Default Company Ltd
TLS Version:TLS 1.2
First seen:2015-05-12 06:18:18 UTC
Last seen:2015-05-16 09:52:32 UTC
Status:Blacklisted
Listing reason:Ransomware C&C
Listing date:2015-08-12 15:28:43
Malware samples:11
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-05-16 09:52:3261e9cbc95b52c21ff8a0ebd435cd2aa5Virustotal results 36/57 (63.16%) Ransomware185.91.175.94:443
2015-05-15 23:58:59e6782f6c699858006a8ed16a1803583aVirustotal results 26/56 (46.43%) Ransomware185.91.175.94:443
2015-05-15 11:49:078a1736e5df2dde3e20a9e3967052eeb7Virustotal results 19/57 (33.33%) Ransomware185.91.175.94:443
2015-05-15 03:13:34c1ec0cc14bb508db0fb88ca8e3f4c67cVirustotal results 36/57 (63.16%) 185.91.175.94:443
2015-05-15 02:30:11d35c5b95c81edae197f521ff388d3d2eVirustotal results 6/54 (11.11%) 185.91.175.94:443
2015-05-15 01:23:15d43df158fe66af2dc3dcfcc5da954700Virustotal results 8/56 (14.29%) 185.91.175.94:443
2015-05-14 20:14:283dc75b0331b7562fbf26a739d6e86a30Virustotal results 28/57 (49.12%) Ransomware185.91.175.94:443
2015-05-13 23:49:526977887f27836257a20b219c61428d8aVirustotal results 27/57 (47.37%) 185.91.175.94:443
2015-05-13 19:36:286c7ba1bbbdbd7506a95767500ddf38afVirustotal results 29/48 (60.42%) 185.91.175.94:443
2015-05-12 22:40:442ec795a7be28e60e24f763c6dd25f208Virustotal results 27/57 (47.37%) 185.91.175.94:443
2015-05-12 06:18:18a5c38513b07786833fda425213f7d467Virustotal results 8/57 (14.04%) 185.91.175.94:443

# of entries: 11 (max: 100)