SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1b1eedd19f9f11337ebae28a03c4a9d660eeb3a8.

Database Entry


SHA1 Fingerprint:1b1eedd19f9f11337ebae28a03c4a9d660eeb3a8
Certificate Common Name (CN):localhost.localdomain/emailAddress=root@localhost.localdomain
Issuer Distinguished Name (DN):localhost.localdomain/emailAddress=root@localhost.localdomain
TLS Version:TLS 1.2
First seen:2016-12-04 05:19:11 UTC
Last seen:2018-12-22 18:35:54 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2017-01-29 09:37:56
Malware samples:103
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-12-22 18:35:54a4ec7d9fe6edcb012fe2dbea1ae1de8dVirustotal results 44/70 (62.86%) URLzone 64.71.166.50:443
2018-11-09 08:04:58a276ad53f2c5e9808c9cfd05f9de5672Virustotal results 29/66 (43.94%) 216.218.208.114:80
2018-11-08 21:46:05b94c5fdaadea917c6e0aa13801341169Virustotal results 41/68 (60.29%) 216.218.208.114:80
2018-07-30 04:16:2701cf422f02f35dbdcfbef66b20a74678Virustotal results 34/56 (60.71%) Gootkit 216.218.208.114:80
2018-07-27 10:08:44b4ed9ade51702de807805f4a6e926f3aVirustotal results 51/67 (76.12%) Gootkit 216.218.208.114:80
2018-07-27 09:41:32c233f7b80f8e50ef2e4b590cd8fd0950Virustotal results 42/57 (73.68%) Gootkit 216.218.208.114:80
2018-07-17 07:48:25cef558ae789541bb784a1bf80058d611Virustotal results 49/64 (76.56%) 216.218.208.114:80
2018-07-15 22:14:59a77ddb92bdbb1a6ad4a5c68ff9f4cf5aVirustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2018-04-12 20:06:57b90f1b72e3855ef6f6558d9ca5105047Virustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2018-04-11 12:28:46be46bbcf8f9dc651f3525fb8b372e2e2Virustotal results 48/67 (71.64%) Gootkit 216.218.208.114:80
2018-04-11 01:33:58bb346d74e9fafd7a7703db7e750ed92cVirustotal results 32/68 (47.06%) 216.218.208.114:80
2018-04-11 00:54:24b6eec7232817eb7a32fb54086c2dde49Virustotal results 24/68 (35.29%) 184.105.192.2:443
2018-04-10 17:14:46b72f858dcbe3db4a6ae3f35d9c4de245Virustotal results 38/67 (56.72%) Gootkit 216.218.208.114:80
2018-03-27 16:57:40b806190ada5da088c0816ff7d50a85c7Virustotal results 48/68 (70.59%) Gootkit 216.218.208.114:80
2018-03-24 15:35:26b7daf77273c4174885b7f08921124717Virustotal results 51/68 (75.00%) Gootkit 216.218.208.114:80
2018-03-24 11:50:41b8dffbc30307b5500aeb46cb0bfa4265Virustotal results 36/68 (52.94%) Gootkit 216.218.208.114:80
2018-03-04 12:22:35be2dc65f9d077f945f89121abad17135Virustotal results 50/68 (73.53%) Gootkit 216.218.208.114:80
2018-02-23 18:06:02bac8535354c911654eb01d99e17f2544Virustotal results 50/68 (73.53%) Gootkit 216.218.208.114:80
2018-02-07 22:32:56a25bee284cb9366da5c625e06759bd29Virustotal results 32/67 (47.76%) Gootkit 216.218.208.114:80
2018-02-05 11:40:58a5fa4b6576bd81c35b15178bcc6cb028Virustotal results 41/68 (60.29%) 216.218.208.114:80
2018-02-04 20:50:25a8cb2f2026d6499e0d776e12b18d27d2Virustotal results 23/68 (33.82%) 216.218.208.114:80
2018-02-04 06:30:52a29a95c39e9dcbd1f0b81ab01f5a1345Virustotal results 38/68 (55.88%) Gootkit 216.218.208.114:80
2018-02-03 10:32:10a079e2e11e27208ddedf863859d143b1Virustotal results 47/68 (69.12%) Gootkit 216.218.208.114:80
2018-02-03 08:09:49a041027df80fc224c31cd6d306327868Virustotal results 47/68 (69.12%) Gootkit 216.218.208.114:80
2018-02-02 22:44:38a0451ccb6689125f94d6ee815f59cff0Virustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2018-01-27 05:31:58bc16f4d8d204deb57a56d17889d604e2Virustotal results 34/68 (50.00%) Gootkit 216.218.208.114:80
2018-01-10 07:41:27bc9cfbd1dcc6b00901156885ebb4b15aVirustotal results 51/67 (76.12%) Gootkit 216.218.208.114:80
2017-12-23 02:23:58a21289389bfdb21ed06d86f7eb34a038Virustotal results 40/63 (63.49%) Gootkit 216.218.208.114:80
2017-12-18 03:23:00b9f4229e9da60c1ebd70932e33402f18Virustotal results 48/68 (70.59%) Gootkit 216.218.208.114:80
2017-12-17 10:49:57a2d0e9ef30240b7644c122b7cbd1239fVirustotal results 39/67 (58.21%) Gootkit 216.218.208.114:80
2017-12-15 10:42:14a2012cc7940b6c5e1c1058488c664071Virustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-12-15 05:25:50a2837cb1804e2e8860494dbb93f8214fVirustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-12-15 02:03:40a25514e164d5526537ecd23301948987Virustotal results 31/68 (45.59%) Gootkit 216.218.208.114:80
2017-12-11 19:18:29b8b5801addae1812e8f90d28bc09d4f8Virustotal results 48/67 (71.64%) Gootkit 216.218.208.114:80
2017-12-11 19:04:22a72e309d79a76a2299974305526017beVirustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-12-11 13:30:17a0d62ec2a04c3a251c7d7c7e2349e7a8Virustotal results 48/68 (70.59%) Gootkit 216.218.208.114:80
2017-12-08 20:44:21bc72cda78946d9221d8141a6ea2c563eVirustotal results 41/68 (60.29%) Gootkit 216.218.208.114:80
2017-12-08 12:58:20a093a6a3e6924d3a08427e5128536874Virustotal results 36/68 (52.94%) Gootkit 216.218.208.114:80
2017-12-05 08:34:34a1e9735f1b5f6d7b72e04accaa411d6aVirustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-12-05 06:50:41a12b8414e4325b026e96ad54e672aae0Virustotal results 30/67 (44.78%) Gootkit 216.218.208.114:80
2017-12-04 09:42:16a0f94f6907ebc62238a0296cc61d7976Virustotal results 24/68 (35.29%) Gootkit 216.218.208.114:80
2017-12-04 07:01:02a2a4dd53f72625c6f6ad48ca421d5693Virustotal results 45/68 (66.18%) ZeuS 184.105.192.2:443
2017-12-04 06:05:39adf732548a07912676e1ce5c3da1c966Virustotal results 40/68 (58.82%) Gootkit 216.218.208.114:80
2017-12-03 21:56:27a1a06874949d7561522a21b8b66bb47eVirustotal results 49/67 (73.13%) Gootkit 216.218.208.114:80
2017-12-03 10:58:48ad3e6c016d875764f8824a162eced370Virustotal results 36/68 (52.94%) 216.218.208.114:80
2017-12-02 15:19:39ad77233da24d13c4f28f021828cb8f68Virustotal results 53/68 (77.94%) Gootkit 216.218.208.114:80
2017-12-02 11:47:42acfba0505cc12f9004b697ebd1067c43Virustotal results 53/68 (77.94%) Gootkit 216.218.208.114:80
2017-12-01 17:44:44a274ff36084ac2769e3e15ba3bdc6207Virustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-12-01 13:59:28a2ac4e9adb4d44d92482d06709a6c9b7Virustotal results 38/68 (55.88%) Gootkit 216.218.208.114:80
2017-12-01 05:59:04a20a001265174b814152a2c1ca5ff3a5Virustotal results 32/67 (47.76%) Gootkit 216.218.208.114:80
2017-11-30 21:10:46a3298b9cb3015bafbfbf047ac7a45a06Virustotal results 36/68 (52.94%) 216.218.208.114:80
2017-11-29 18:55:59a099fd8ce107a784816ad9dca924a267Virustotal results 36/68 (52.94%) Gootkit 216.218.208.114:80
2017-11-29 18:54:36a0b5f7f1b9c8f5e1acb10a3318d3cc8aVirustotal results 29/67 (43.28%) Gootkit 216.218.208.114:80
2017-11-29 14:33:30a058f9edecd739ef33285fa8d5bdac45Virustotal results 17/68 (25.00%) Gootkit 216.218.208.114:80
2017-11-29 00:30:28a33b84a5243591ae17a6e71a711bdf18Virustotal results 33/67 (49.25%) Gootkit 216.218.208.114:80
2017-11-29 00:10:12a35d577e5f65c3254aa5823f7a0e1e47Virustotal results 31/68 (45.59%) 216.218.208.114:80
2017-11-28 10:14:23a31209be51769226559a7a7848b52890Virustotal results 39/68 (57.35%) Gootkit 216.218.208.114:80
2017-11-28 03:34:21a277e3f6bd12d6eb1350119a11e218f2Virustotal results 51/68 (75.00%) Gootkit 216.218.208.114:80
2017-11-27 19:35:27a083d33ce032149072b12d7a825b5c00Virustotal results 49/68 (72.06%) Gootkit 216.218.208.114:80
2017-10-31 13:58:408b639201ae1339d0739d4917b7df4cean/a216.218.208.114:80
2017-09-04 22:41:47a4d3f0f9253f87115ef5ae00699032daVirustotal results 28/50 (56.00%) URLzone 64.71.166.50:443
2017-09-02 00:28:44ff4da785be5b4e2bdef83968a3b5a1b0Virustotal results 37/57 (64.91%) URLzone 64.71.166.50:443
2017-08-29 07:07:14f23004ff3e158a67c2bd5d97ba155efdVirustotal results 29/50 (58.00%) URLzone 64.71.166.50:443
2017-08-29 04:49:44b8c3820709e0f75c6e85a34124348799Virustotal results 31/53 (58.49%) URLzone 64.71.166.50:443
2017-08-28 16:44:068e3766b2df61ce5571682e17b2b91a3cVirustotal results 30/48 (62.50%) URLzone 64.71.166.50:443
2017-08-26 18:00:149a693357d8539f57f91450a79e8ec174Virustotal results 31/51 (60.78%) URLzone 64.71.166.50:443
2017-08-24 16:37:34bd70beda4387a476b61d973bb7fb3f9eVirustotal results 26/57 (45.61%) URLzone 64.71.166.50:443
2017-05-06 11:29:37d21471cecfaae8f11df2d136f7d5f3b7Virustotal results 27/54 (50.00%) 216.218.208.114:80
2017-05-05 14:46:4061b24b79e4dddeddb8f3545037fda66dVirustotal results 14/54 (25.93%) 216.218.208.114:80
2017-05-04 19:12:211b2d6842c55fee8bdc0605b5407d63f1Virustotal results 38/60 (63.33%) VirLock216.218.208.114:80
2017-05-01 03:26:528f8016c0b0c4447efe06da8791902e9bVirustotal results 25/57 (43.86%) Gootkit 216.218.208.114:80
2017-04-30 03:42:534dec8e6b3f0f522d5f0e27108748caa0Virustotal results 47/56 (83.93%) Gootkit 216.218.208.114:80
2017-04-29 23:36:36315f9fe2be8404695b9fa9f4603d54e5Virustotal results 21/57 (36.84%) Gootkit 216.218.208.114:80
2017-04-27 19:08:436ea227b1f6d3a34ac1431216c82622f6Virustotal results 36/52 (69.23%) 216.218.208.114:80
2017-04-27 17:13:4175265fdcdec98c19f5474539f3362a10Virustotal results 54/62 (87.10%) Dalexis216.218.208.114:80
2017-04-27 09:41:31409b876566bb827d1f8c18c72ddfc066Virustotal results 46/62 (74.19%) 216.218.208.114:80
2017-03-30 02:45:25c225f9e0e404ae90da2c4f0d264a06b8Virustotal results 46/60 (76.67%) Gootkit 216.218.208.114:80
2017-03-11 03:22:51f27d20d1506174e9c948cf5b3b5a0a8fVirustotal results 38/55 (69.09%) Gootkit 216.218.208.114:80
2017-03-02 16:28:338085a54c111bcc41a7a42b335d6ef1c5Virustotal results 43/59 (72.88%) Gootkit 216.218.208.114:80
2017-02-24 17:28:187ca26751282c0cc42460531835743ed1Virustotal results 33/58 (56.90%) Gootkit 216.218.208.114:80
2017-02-04 02:58:560330f1caebcc3a3d5e4f7d64dbfed255Virustotal results 42/57 (73.68%) Gootkit 216.218.208.114:80
2017-01-28 23:50:49d79e166c3b900e1a9467a1549f7eea42Virustotal results 42/57 (73.68%) Gootkit 216.218.208.114:80
2017-01-07 14:49:51d761d4f260bcf0fa881d99303b1eda74Virustotal results 29/52 (55.77%) Gootkit 216.218.208.114:80
2017-01-03 14:15:02e0da630277640bfc622a7b7cdcf39ae7Virustotal results 30/57 (52.63%) ZeuS 184.105.192.2:443
2017-01-03 06:49:240e790f5860aa5e457539191f15f95dd8Virustotal results 37/52 (71.15%) Gootkit 216.218.208.114:80
2016-12-27 02:53:354f5be7508ad1a4c5128b25869e17a235Virustotal results 8/56 (14.29%) Gootkit 216.218.208.114:80
2016-12-27 02:40:4759d0ae7370cdff2c672a09c4aeba39caVirustotal results 29/54 (53.70%) Gootkit 216.218.208.114:80
2016-12-25 22:49:13ce77d4e1917c063c03b32d58a507de5fVirustotal results 32/56 (57.14%) Gootkit 216.218.208.114:80
2016-12-25 13:38:57e7689bf5b51c34a8b03242da4d50bf4cVirustotal results 32/54 (59.26%) Gootkit 216.218.208.114:80
2016-12-23 18:04:56d8ffe185b23ca820fec18f6b635901ccVirustotal results 34/56 (60.71%) Gootkit 216.218.208.114:80
2016-12-23 10:53:38190a669792f85a8b6a90caed6689add2Virustotal results 29/56 (51.79%) Gootkit 216.218.208.114:80
2016-12-23 09:33:01fd430fd5ee79052f6697a44645da79b9Virustotal results 38/57 (66.67%) Gootkit 216.218.208.114:80
2016-12-22 18:33:32cbc85edecdf378da229bc208b09cf706Virustotal results 31/56 (55.36%) Gootkit 216.218.208.114:80
2016-12-22 18:12:5185936b9d787c433bd0539b030ae24486Virustotal results 30/56 (53.57%) Gootkit 216.218.208.114:80
2016-12-22 17:16:50e0e6ea014072f1a0f2d3c55d24364008Virustotal results 20/56 (35.71%) Gootkit 216.218.208.114:80
2016-12-22 15:26:13e7566bda4292061ffc04085a937aff74Virustotal results 40/54 (74.07%) Gootkit 216.218.208.114:80
2016-12-21 00:59:44a64c5be0a2e7ee36a472c7615f21cd9fVirustotal results 33/55 (60.00%) Gootkit 216.218.208.114:80
2016-12-16 00:52:58f2b0e7f1f08c81f85cd658846b605121Virustotal results 32/57 (56.14%) 216.218.208.114:80
2016-12-15 17:12:1618766840553512d3d80249e5c8ddcf16Virustotal results 26/57 (45.61%) ZeuS 184.105.192.2:443
2016-12-12 13:39:45a1365020b458b4f5a6f03b961a288934Virustotal results 39/57 (68.42%) Gootkit 216.218.208.114:80

# of entries: 100 (max: 100)