SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1994a0b034b02da73b2fe9a170f8ce527140c9f0.

Database Entry


SHA1 Fingerprint:1994a0b034b02da73b2fe9a170f8ce527140c9f0
Certificate Common Name (CN):*.google.com/emailAddress=webmaster@google.com
Issuer Distinguished Name (DN):*.google.com/emailAddress=webmaster@google.com
TLS Version:TLSv1
First seen:2015-12-06 20:32:34 UTC
Last seen:2016-01-10 12:59:49 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2015-12-07 07:22:36
Malware samples:19
Botnet C&Cs:4

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-01-10 12:59:49abef1e94f43c8ecf9e6753d210f17149n/aGootkit 192.227.158.140:80
2015-12-16 14:15:201ae018ce26ba37500dd4de4f139dad2bn/aGootkit 185.45.192.210:80
2015-12-15 18:23:29c2b8541e8b7d2a835e08a7a2a06bdcb8n/aGootkit 185.45.192.210:80
2015-12-14 09:38:52ce25d6d102d70e4ca11921f4c400640fn/aGootkit 185.45.192.210:80
2015-12-12 07:45:302ac972366397b666c23f7d07ff65d2e2n/aGootkit 192.227.158.140:80
2015-12-12 03:22:26767f57c2ac6529ae7e58b5e50d1dc82dn/aGootkit 192.227.158.140:80
2015-12-12 02:31:5208ec6b66de840b357c5619dfb96ff45fn/aGootkit 192.227.158.140:80
2015-12-11 17:57:5536d665d3b9c8352ad4ffc6e58a697685n/aGootkit 192.227.158.140:80
2015-12-11 17:27:4987eab5b95f6eb2fcc16eb12b0165a4ffn/aGootkit 43.249.36.86:80
2015-12-11 12:21:15f0f0c7b2634a3265bc49c9e03c2dedb6n/aGootkit 192.227.158.140:80
2015-12-11 05:50:595ce3a2a08be5b65be5d2564efbb9abfbVirustotal results 7/56 (12.50%) Gootkit 192.227.158.140:80
2015-12-10 15:19:3978793b123932078e4a04807df4946562Virustotal results 43/67 (64.18%) Gootkit 192.227.158.140:80
2015-12-10 14:02:506dfc282b1b24258e7d4dff73e6a6fda8n/aGootkit 192.227.158.140:80
2015-12-10 13:42:302d590ef31187eeae7b1c2acaf4af9491Virustotal results 32/53 (60.38%) Gootkit 192.227.158.140:80
2015-12-10 10:43:57fdb41f9a22b9d662cc5e8f3b505ce172Virustotal results 21/54 (38.89%) Gootkit 192.227.158.140:80
2015-12-09 19:25:5758d9dc50c7a3825113ef021bf2ee0ab6n/aGootkit 108.61.178.212:80
2015-12-07 09:13:5229cf781dbbef2c0b546e1aa347a04f70Virustotal results 7/55 (12.73%) Gootkit 108.61.178.212:80
2015-12-07 05:58:13eb2284fc5d060b9a4819e75a1732f5ceVirustotal results 13/54 (24.07%) Gootkit 108.61.178.212:80
2015-12-06 20:32:34b982a4dc4610ab8e707f3492d2212942Virustotal results 18/55 (32.73%) Gootkit 108.61.178.212:80

# of entries: 19 (max: 100)