SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint fd028dcbdf0df69d701fca558bb30a8848ad4f3e.

Database Entry

SHA1 Fingerprint:fd028dcbdf0df69d701fca558bb30a8848ad4f3e
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-10-28 13:35:30 UTC
Last seen:2016-11-04 16:17:31 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-11-05 07:26:09
Malware samples:6
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-04 16:17:31671864458d45b96d4cf702cff62f02a6n/aGootkit 23.108.245.93:80
2016-11-04 16:17:31671864458d45b96d4cf702cff62f02a6n/aGootkit 23.108.245.93:80
2016-11-04 12:50:59bf2b34277b99ee72ea35ab62d00d4014Virustotal results 5/55 (9.09%) Gootkit 23.108.245.93:80
2016-11-04 12:50:59bf2b34277b99ee72ea35ab62d00d4014Virustotal results 5/55 (9.09%) Gootkit 23.108.245.93:80
2016-11-03 04:19:31ec50408b251aebb2ead3d996a0dde7aaVirustotal results 34/57 (59.65%) Gootkit 23.108.245.93:80
2016-11-03 04:19:31ec50408b251aebb2ead3d996a0dde7aaVirustotal results 34/57 (59.65%) Gootkit 23.108.245.93:80
2016-11-02 00:39:53246c3861b4c8729e510c51d08906d15en/aGootkit 23.108.245.93:80
2016-11-02 00:39:53246c3861b4c8729e510c51d08906d15en/aGootkit 23.108.245.93:80
2016-11-01 03:52:05876e18ad8236a90dc25f7e8e74d87d0fn/aGootkit 23.108.245.93:80
2016-11-01 03:52:05876e18ad8236a90dc25f7e8e74d87d0fn/aGootkit 23.108.245.93:80
2016-10-28 13:35:3066cc7841f8ba17828409a6d9583d8abdn/aGootkit 23.108.245.93:80
2016-10-28 13:35:3066cc7841f8ba17828409a6d9583d8abdn/aGootkit 23.108.245.93:80

# of entries: 12 (max: 100)