SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4535bf9ae7e786d77ee482d74b9a22cbe099be2e.
Database Entry
| SHA1 Fingerprint: | 4535bf9ae7e786d77ee482d74b9a22cbe099be2e |
|---|---|
| Certificate Common Name (CN): | yahoo.com/emailAddress=web@yahoo.com |
| Issuer Distinguished Name (DN): | yahoo.com/emailAddress=web@yahoo.com |
| TLS Version: | TLS 1.2 |
| First seen: | 2017-01-23 16:57:11 UTC |
| Last seen: | 2017-01-24 11:26:20 UTC |
| Status: | Blacklisted |
| Listing reason: | Gootkit C&C |
| Listing date: | 2017-01-24 07:53:27 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2017-01-24 11:26:20 | a2a49b8e71e4144586627ae3fb48e2fd | n/a | Gootkit | 192.111.142.39:80 |
| 2017-01-24 11:26:20 | a2a49b8e71e4144586627ae3fb48e2fd | n/a | Gootkit | 192.111.142.39:80 |
| 2017-01-24 10:02:30 | 8052eefe0c610ccccd52e909a645522e |  40/55 (72.73%)
| Gootkit | 192.111.142.39:80 |
| 2017-01-24 10:02:30 | 8052eefe0c610ccccd52e909a645522e | 40/55 (72.73%)
| Gootkit | 192.111.142.39:80 |
| 2017-01-23 20:37:46 | 6278d4b5281658ab9d97b71f3eab0829 | 34/59 (57.63%)
| Gootkit | 192.111.142.39:80 |
| 2017-01-23 20:37:46 | 6278d4b5281658ab9d97b71f3eab0829 | 34/59 (57.63%)
| Gootkit | 192.111.142.39:80 |
| 2017-01-23 16:57:11 | e1b8a83d78f49a6b8f0b7fe3df7a9910 | n/a | Gootkit | 192.111.142.39:80 |
| 2017-01-23 16:57:11 | e1b8a83d78f49a6b8f0b7fe3df7a9910 | n/a | Gootkit | 192.111.142.39:80 |
# of entries: 8 (max: 100)