SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 867f3d924828f93b0bd30641dfb01d51351aeac9.

Database Entry

SHA1 Fingerprint:	867f3d924828f93b0bd30641dfb01d51351aeac9
Certificate Common Name (CN):	C=XX, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):	C=XX, L=Default City, O=Default Company Ltd
TLS Version:	SSLv3
First seen:	2015-04-08 21:58:30 UTC
Last seen:	2015-05-27 03:46:42 UTC
Status:	Blacklisted
Listing reason:	Ransomware C&C
Listing date:	2015-08-12 15:31:50
Malware samples:	25
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2015-05-27 03:46:42	da0bc6d4eddf0354245e6597947dadd7	45/57 (78.95%)	Ransomware	62.173.145.212:443
2015-05-27 03:46:42	da0bc6d4eddf0354245e6597947dadd7	45/57 (78.95%)	Ransomware	62.173.145.212:443
2015-05-11 22:16:30	e48e54bda92ccdd9fdfb4771060e106a	15/56 (26.79%)		62.173.145.212:443
2015-05-11 22:16:30	e48e54bda92ccdd9fdfb4771060e106a	15/56 (26.79%)		62.173.145.212:443
2015-05-05 10:09:28	17d9ab6ca5838d0a2fa80cdcfc928ff5	22/55 (40.00%)	Ransomware	62.173.145.212:443
2015-05-05 10:09:28	17d9ab6ca5838d0a2fa80cdcfc928ff5	22/55 (40.00%)	Ransomware	62.173.145.212:443
2015-05-05 03:18:58	97a54abc19d39ab66efe1a474fe3ddd7	4/53 (7.55%)		62.173.145.212:443
2015-05-05 03:18:58	97a54abc19d39ab66efe1a474fe3ddd7	4/53 (7.55%)		62.173.145.212:443
2015-05-04 20:55:06	ed4e38c11dfb8059aab480f610c2c9c5	4/55 (7.27%)	Ransomware	62.173.145.212:443
2015-05-04 20:55:06	ed4e38c11dfb8059aab480f610c2c9c5	4/55 (7.27%)	Ransomware	62.173.145.212:443
2015-05-04 15:39:07	ac592fd6bcc1c56e09443d7086ba46d1	6/57 (10.53%)		62.173.145.212:443
2015-05-04 15:39:07	ac592fd6bcc1c56e09443d7086ba46d1	6/57 (10.53%)		62.173.145.212:443
2015-05-04 08:25:09	a0f9789f5af25a15fe11ab2f1e64d056	5/54 (9.26%)		62.173.145.212:443
2015-05-04 08:25:09	a0f9789f5af25a15fe11ab2f1e64d056	5/54 (9.26%)		62.173.145.212:443
2015-05-04 01:41:56	50fcfa73f8ebdacf9687bb885fb5be33	10/55 (18.18%)		62.173.145.212:443
2015-05-04 01:41:56	50fcfa73f8ebdacf9687bb885fb5be33	10/55 (18.18%)		62.173.145.212:443
2015-05-03 18:55:27	70afb0143f553fd40ddeb23ae2bc40d8	1/56 (1.79%)	Ransomware	62.173.145.212:443
2015-05-03 18:55:27	70afb0143f553fd40ddeb23ae2bc40d8	1/56 (1.79%)	Ransomware	62.173.145.212:443
2015-05-03 03:33:22	61538446b83a79421f51c7c8bba98aa5	2/55 (3.64%)	Ransomware	62.173.145.212:443
2015-05-03 03:33:22	61538446b83a79421f51c7c8bba98aa5	2/55 (3.64%)	Ransomware	62.173.145.212:443
2015-05-01 01:02:11	bb28aba4b6359aa7fbe5fc4bcae1912b	18/53 (33.96%)	Ransomware	62.173.145.212:443
2015-05-01 01:02:11	bb28aba4b6359aa7fbe5fc4bcae1912b	18/53 (33.96%)	Ransomware	62.173.145.212:443
2015-04-30 12:33:17	c9e937d76bc524ba3f1d4380e8517eb1	8/53 (15.09%)	Ransomware	62.173.145.212:443
2015-04-30 12:33:17	c9e937d76bc524ba3f1d4380e8517eb1	8/53 (15.09%)	Ransomware	62.173.145.212:443
2015-04-29 12:44:17	db276090abe58ed4184abd5ede8c674b	28/57 (49.12%)		62.173.145.212:443
2015-04-29 12:44:17	db276090abe58ed4184abd5ede8c674b	28/57 (49.12%)		62.173.145.212:443
2015-04-28 20:55:28	8b207f27c63ec037e51ab089bce2eb98	7/57 (12.28%)		62.173.145.212:443
2015-04-28 20:55:28	8b207f27c63ec037e51ab089bce2eb98	7/57 (12.28%)		62.173.145.212:443
2015-04-28 20:51:05	21082bc12793316638e050c324b07230	35/55 (63.64%)	Ransomware	62.173.145.212:443
2015-04-28 20:51:05	21082bc12793316638e050c324b07230	35/55 (63.64%)	Ransomware	62.173.145.212:443
2015-04-27 17:07:29	d70a2668153af717891ce3bb744debcf	10/56 (17.86%)	Ransomware	62.173.145.212:443
2015-04-27 17:07:29	d70a2668153af717891ce3bb744debcf	10/56 (17.86%)	Ransomware	62.173.145.212:443
2015-04-27 11:16:53	e2d51482188ffa00d6b2de5d307161b6	7/57 (12.28%)		62.173.145.212:443
2015-04-27 11:16:53	e2d51482188ffa00d6b2de5d307161b6	7/57 (12.28%)		62.173.145.212:443
2015-04-25 10:52:05	9a4baafb374697e51991fbde8bc5c5ac	1/57 (1.75%)	Ransomware	62.173.145.212:443
2015-04-25 10:52:05	9a4baafb374697e51991fbde8bc5c5ac	1/57 (1.75%)	Ransomware	62.173.145.212:443
2015-04-20 15:49:23	43d513af044d4eb59e5b37f159e04d1e	15/56 (26.79%)	Ransomware	62.173.145.212:443
2015-04-20 15:49:23	43d513af044d4eb59e5b37f159e04d1e	15/56 (26.79%)	Ransomware	62.173.145.212:443
2015-04-19 21:20:27	1a0472731315a79dc55ed57f4405b958	11/55 (20.00%)		62.173.145.212:443
2015-04-19 21:20:27	1a0472731315a79dc55ed57f4405b958	11/55 (20.00%)		62.173.145.212:443
2015-04-17 06:57:06	04c4983c3396539c47fd6a2edb51df9d	2/55 (3.64%)	Ransomware	62.173.145.212:443
2015-04-17 06:57:06	04c4983c3396539c47fd6a2edb51df9d	2/55 (3.64%)	Ransomware	62.173.145.212:443
2015-04-17 02:02:32	dda0ff4cc8bfa9eab20917f2160481d5	28/56 (50.00%)		62.173.145.212:443
2015-04-17 02:02:32	dda0ff4cc8bfa9eab20917f2160481d5	28/56 (50.00%)		62.173.145.212:443
2015-04-11 17:32:04	0d532ad2ae4164e67717c60b9e0f9144	33/57 (57.89%)		62.173.145.212:443
2015-04-11 17:32:04	0d532ad2ae4164e67717c60b9e0f9144	33/57 (57.89%)		62.173.145.212:443
2015-04-11 11:48:10	de4324dd63e0049161afd76c4ed36ba5	6/57 (10.53%)	Ransomware	62.173.145.212:443
2015-04-11 11:48:10	de4324dd63e0049161afd76c4ed36ba5	6/57 (10.53%)	Ransomware	62.173.145.212:443
2015-04-08 21:58:30	8bb1e4bfe24181bc16dc8a0cfccd8f91	31/56 (55.36%)		62.173.145.212:443
2015-04-08 21:58:30	8bb1e4bfe24181bc16dc8a0cfccd8f91	31/56 (55.36%)		62.173.145.212:443

# of entries: 50 (max: 100)