SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0bf547c6015059dabb10f7af8fe388e314bdfada.

Database Entry


SHA1 Fingerprint:0bf547c6015059dabb10f7af8fe388e314bdfada
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-06-24 09:09:29 UTC
Last seen:2014-06-25 07:29:43 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-06-24 10:39:23
Malware samples:28
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-06-25 07:29:43fc4d5fc760b53baec6d64c41292e99d3Virustotal results 26/53 (49.06%) Shylock 191.101.1.94:443
2014-06-25 07:28:4793083da42a3c3b5fd0d84a9c46887ef6Virustotal results 34/55 (61.82%) Shylock 191.101.1.94:443
2014-06-25 07:23:48a383e197f08956d7ba238d80c0f28c04Virustotal results 19/54 (35.19%) Shylock 191.101.1.94:443
2014-06-25 06:42:285c159dd0edb412894508ced0a3da1d65Virustotal results 22/53 (41.51%) Shylock 191.101.1.94:443
2014-06-25 06:11:4372d76d817dd1764be712295f75ac2ee2Virustotal results 3/54 (5.56%) Shylock 191.101.1.94:443
2014-06-25 05:55:36ef04ded64ad76627cabffc7252beb8a8Virustotal results 26/54 (48.15%) Shylock 191.101.1.94:443
2014-06-25 05:40:34341cfaf9ddefa2990b20115cc97c9e7cVirustotal results 18/53 (33.96%) Shylock 191.101.1.94:443
2014-06-25 05:12:142950848d501a4502527f2305189743f4Virustotal results 7/53 (13.21%) Shylock 191.101.1.94:443
2014-06-25 03:51:03826ac9cc831c11d1bc5af4d923a9a29fVirustotal results 8/54 (14.81%) Shylock 191.101.1.94:443
2014-06-25 02:18:48d7ae455db7d62b471f9fa47216ca58efVirustotal results 19/52 (36.54%) Shylock 191.101.1.94:443
2014-06-25 01:51:0417a3fb26849c80299a6f5fc5817212acVirustotal results 22/54 (40.74%) Shylock 191.101.1.94:443
2014-06-25 00:34:3162b42368249b6bea3e91542fccd23022Virustotal results 32/51 (62.75%) Shylock 191.101.1.94:443
2014-06-25 00:24:224a0ef84f018aabcccc47dd1f8cd52f24Virustotal results 1/53 (1.89%) Shylock 191.101.1.94:443
2014-06-24 23:24:286c1a5120738db8345dc553f15ca05030Virustotal results 27/53 (50.94%) Shylock 191.101.1.94:443
2014-06-24 21:21:32398465383003fa58c2fdb60255550782Virustotal results 39/55 (70.91%) Shylock 191.101.1.94:443
2014-06-24 20:27:1510fb6ca2d09da798a547a8e1d523d730Virustotal results 5/54 (9.26%) Shylock 191.101.1.94:443
2014-06-24 19:55:50e17bea5c24307f0a7ceb0834e38699cfVirustotal results 24/54 (44.44%) Shylock 191.101.1.94:443
2014-06-24 18:05:43bc65d0408a28268f6181dd5bba8ce3fbVirustotal results 29/54 (53.70%) Shylock 191.101.1.94:443
2014-06-24 16:31:294adcad3a0f14ae554abd41c3ee41aae0Virustotal results 22/54 (40.74%) Shylock 191.101.1.94:443
2014-06-24 16:15:235614e5ed3ff34c24b0c71ddeeb1856a3Virustotal results 30/54 (55.56%) Shylock 191.101.1.94:443
2014-06-24 15:55:134b7eb3e3406612b5f3d3e5ba25b30a67Virustotal results 33/54 (61.11%) Shylock 191.101.1.94:443
2014-06-24 15:24:18b48ef0c01bd2dcb974106ed90a4cef68Virustotal results 24/54 (44.44%) Shylock 191.101.1.94:443
2014-06-24 14:09:222fb9ab5698110d861259caab562e018cVirustotal results 30/54 (55.56%) Shylock 191.101.1.94:443
2014-06-24 13:17:55a8f577b42de293d551930dfcaeb156baVirustotal results 31/54 (57.41%) Shylock 191.101.1.94:443
2014-06-24 11:06:236ed0c65104670d354fef4f43cddea192Virustotal results 31/54 (57.41%) Shylock 191.101.1.94:443
2014-06-24 10:32:487167874ade1292524097643aef76bfc7Virustotal results 27/54 (50.00%) Shylock 191.101.1.94:443
2014-06-24 09:11:411b2a49f199d9a5c57fa4d1b1ee76ae97Virustotal results 23/54 (42.59%) Shylock 191.101.1.94:443
2014-06-24 09:09:292ddf550342585b3a8b800576d86a6cecVirustotal results 28/53 (52.83%) Shylock 191.101.1.94:443

# of entries: 28 (max: 100)