SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a060d43f584a7d2f838b6d64aff4076df766a1b9.

Database Entry

SHA1 Fingerprint:a060d43f584a7d2f838b6d64aff4076df766a1b9
Certificate Common Name (CN):*.pillspharm24.com
Issuer Distinguished Name (DN):DigiCert SHA2 Secure Server CA
TLS Version:SSLv3
First seen:2015-06-12 17:49:03 UTC
Last seen:2015-07-12 18:38:43 UTC
Status:Blacklisted
Listing reason:Ransomware C&C
Listing date:2015-06-14 11:25:32
Malware samples:13
Botnet C&Cs:2

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-07-12 18:38:437cb21bcc7b2581a55b9ee1ab8f1c32d5Virustotal results 31/55 (56.36%) Teslacrypt78.47.143.212:443
2015-07-12 18:38:437cb21bcc7b2581a55b9ee1ab8f1c32d5Virustotal results 31/55 (56.36%) Teslacrypt78.47.143.212:443
2015-07-12 16:18:57bda192feb508354713e93e26e2ee455aVirustotal results 26/55 (47.27%) Teslacrypt78.47.143.212:443
2015-07-12 16:18:57bda192feb508354713e93e26e2ee455aVirustotal results 26/55 (47.27%) Teslacrypt78.47.143.212:443
2015-07-11 22:46:561ae3a9333c92e8880efa7ae4e52f305fn/aRansomware78.47.143.212:443
2015-07-11 22:46:561ae3a9333c92e8880efa7ae4e52f305fn/aRansomware78.47.143.212:443
2015-07-11 17:03:309d63e7bddf49390bd129354a612b3a75Virustotal results 16/56 (28.57%) Ransomware78.47.143.212:443
2015-07-11 17:03:309d63e7bddf49390bd129354a612b3a75Virustotal results 16/56 (28.57%) Ransomware78.47.143.212:443
2015-07-11 11:34:57186e51c84fcf445c640ae326ac7a21ecVirustotal results 5/55 (9.09%) Ransomware78.47.143.212:443
2015-07-11 11:34:57186e51c84fcf445c640ae326ac7a21ecVirustotal results 5/55 (9.09%) Ransomware78.47.143.212:443
2015-07-10 11:53:1029e93f6d8c88ff8175a71d738e3231b7Virustotal results 8/56 (14.29%) Spambot.Kelihos78.47.143.212:443
2015-07-10 11:53:1029e93f6d8c88ff8175a71d738e3231b7Virustotal results 8/56 (14.29%) Spambot.Kelihos78.47.143.212:443
2015-06-15 13:20:182d35b0faab482c692f0c79b0b0a0550aVirustotal results 6/57 (10.53%) Ransomware78.47.28.178:443
2015-06-15 13:20:182d35b0faab482c692f0c79b0b0a0550aVirustotal results 6/57 (10.53%) Ransomware78.47.28.178:443
2015-06-15 05:43:3571b55f6a8d4b5e0d2d5f302221426764Virustotal results 4/57 (7.02%) Ransomware78.47.28.178:443
2015-06-15 05:43:3571b55f6a8d4b5e0d2d5f302221426764Virustotal results 4/57 (7.02%) Ransomware78.47.28.178:443
2015-06-14 19:22:47803f00ca256e7808becd023c8f4effc5n/aRansomware78.47.28.178:443
2015-06-14 19:22:47803f00ca256e7808becd023c8f4effc5n/aRansomware78.47.28.178:443
2015-06-14 07:56:410d7c227d4616254f9ae4976270f2f398Virustotal results 12/57 (21.05%) Ransomware78.47.28.178:443
2015-06-14 07:56:410d7c227d4616254f9ae4976270f2f398Virustotal results 12/57 (21.05%) Ransomware78.47.28.178:443
2015-06-13 21:32:111b4e97af9f327126146338b8cd21dd86Virustotal results 8/57 (14.04%) Ransomware78.47.28.178:443
2015-06-13 21:32:111b4e97af9f327126146338b8cd21dd86Virustotal results 8/57 (14.04%) Ransomware78.47.28.178:443
2015-06-13 09:03:2260f45b8556bd29cfeeb42e94c828915cVirustotal results 12/57 (21.05%) Ransomware78.47.28.178:443
2015-06-13 09:03:2260f45b8556bd29cfeeb42e94c828915cVirustotal results 12/57 (21.05%) Ransomware78.47.28.178:443
2015-06-12 17:49:03841e6f7989172256d278fb98e8643bebVirustotal results 6/57 (10.53%) Ransomware78.47.28.178:443
2015-06-12 17:49:03841e6f7989172256d278fb98e8643bebVirustotal results 6/57 (10.53%) Ransomware78.47.28.178:443

# of entries: 26 (max: 100)