SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1e5ea2749884d3aac805979eadd0e45f9848a95b.

Database Entry

SHA1 Fingerprint:1e5ea2749884d3aac805979eadd0e45f9848a95b
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-10-03 03:48:07 UTC
Last seen:2016-11-16 08:37:29 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-10-25 10:13:37
Malware samples:51
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-16 08:37:29862416f138b109399b66609cb678d845n/aShylock 79.110.251.102:80
2016-11-16 08:37:29862416f138b109399b66609cb678d845n/aShylock 79.110.251.102:80
2016-11-15 08:16:237c4a00cf1410eec493069af3a06a5391n/aShylock 79.110.251.102:80
2016-11-15 08:16:237c4a00cf1410eec493069af3a06a5391n/aShylock 79.110.251.102:80
2016-11-14 22:13:216a16e9d209df5196de25ee772fe0d1f5n/aShylock 79.110.251.102:80
2016-11-14 22:13:216a16e9d209df5196de25ee772fe0d1f5n/aShylock 79.110.251.102:80
2016-11-14 18:05:4679ca1f0abeb1b7e392af587f5a24ecd6n/aShylock 79.110.251.102:80
2016-11-14 18:05:4679ca1f0abeb1b7e392af587f5a24ecd6n/aShylock 79.110.251.102:80
2016-11-14 08:49:28d5c4b02d734af9564d85f3134ed38307n/aShylock 79.110.251.102:80
2016-11-14 08:49:28d5c4b02d734af9564d85f3134ed38307n/aShylock 79.110.251.102:80
2016-11-04 21:30:35740c5f59df4c0ca20e456a4574efaef8n/aShylock 79.110.251.102:80
2016-11-04 21:30:35740c5f59df4c0ca20e456a4574efaef8n/aShylock 79.110.251.102:80
2016-11-04 08:49:28b9c244d1578589c2f1f70cfcf43aba47n/aShylock 79.110.251.102:80
2016-11-04 08:49:28b9c244d1578589c2f1f70cfcf43aba47n/aShylock 79.110.251.102:80
2016-11-03 11:48:414d6350bcc42398e715c50461b89ab5e9n/aShylock 79.110.251.102:80
2016-11-03 11:48:414d6350bcc42398e715c50461b89ab5e9n/aShylock 79.110.251.102:80
2016-11-03 01:42:26bb68fa0d3ac07fd6689e7dcd9cc414dan/aShylock 79.110.251.102:80
2016-11-03 01:42:26bb68fa0d3ac07fd6689e7dcd9cc414dan/aShylock 79.110.251.102:80
2016-11-02 11:49:24946bf98656180fae26bb2072b0ab063fn/aShylock 79.110.251.102:80
2016-11-02 11:49:24946bf98656180fae26bb2072b0ab063fn/aShylock 79.110.251.102:80
2016-11-02 04:24:36750bf62c973fe0edcfc35d9b91dbb3c8n/aShylock 79.110.251.102:80
2016-11-02 04:24:36750bf62c973fe0edcfc35d9b91dbb3c8n/aShylock 79.110.251.102:80
2016-10-30 14:55:08dde1e8cb5e19ec89bbf3522c91bd4849Virustotal results 23/57 (40.35%) Shylock 79.110.251.102:80
2016-10-30 14:55:08dde1e8cb5e19ec89bbf3522c91bd4849Virustotal results 23/57 (40.35%) Shylock 79.110.251.102:80
2016-10-28 13:01:114374f2d3eb5d2cc9e982817fc3ccd5a6n/aShylock 79.110.251.102:80
2016-10-28 13:01:114374f2d3eb5d2cc9e982817fc3ccd5a6n/aShylock 79.110.251.102:80
2016-10-28 05:19:26e4a48916f08b18f6529d184e5826547aVirustotal results 6/56 (10.71%) Shylock 79.110.251.102:80
2016-10-28 05:19:26e4a48916f08b18f6529d184e5826547aVirustotal results 6/56 (10.71%) Shylock 79.110.251.102:80
2016-10-28 05:13:52652bcb9c9790526f56c579b892735084n/aShylock 79.110.251.102:80
2016-10-28 05:13:52652bcb9c9790526f56c579b892735084n/aShylock 79.110.251.102:80
2016-10-27 22:55:05d746edd288065b9f6e8b609b9fe6768cVirustotal results 6/56 (10.71%) Gootkit 79.110.251.102:80
2016-10-27 22:55:05d746edd288065b9f6e8b609b9fe6768cVirustotal results 6/56 (10.71%) Gootkit 79.110.251.102:80
2016-10-27 10:52:07f9f8ec3472b423a5b6d7ad7606ae36c1n/aShylock 79.110.251.102:80
2016-10-27 10:52:07f9f8ec3472b423a5b6d7ad7606ae36c1n/aShylock 79.110.251.102:80
2016-10-26 12:10:302fafc1dd85504f748efbceff1b0385bfn/aShylock 79.110.251.102:80
2016-10-26 12:10:302fafc1dd85504f748efbceff1b0385bfn/aShylock 79.110.251.102:80
2016-10-26 09:46:08fb3670d5ceceeb776ab85ac0e15a5259Virustotal results 38/57 (66.67%) Gootkit 79.110.251.102:80
2016-10-26 09:46:08fb3670d5ceceeb776ab85ac0e15a5259Virustotal results 38/57 (66.67%) Gootkit 79.110.251.102:80
2016-10-26 09:13:51c0c5a7d683bb63fb2cf82726bb1f4eccn/aShylock 79.110.251.102:80
2016-10-26 09:13:51c0c5a7d683bb63fb2cf82726bb1f4eccn/aShylock 79.110.251.102:80
2016-10-26 06:07:2777bff8f6b951eecc21e9112f45ac6d74Virustotal results 25/62 (40.32%) Gootkit 79.110.251.102:80
2016-10-26 06:07:2777bff8f6b951eecc21e9112f45ac6d74Virustotal results 25/62 (40.32%) Gootkit 79.110.251.102:80
2016-10-26 00:15:43006c17b514b412575ff49df4c1cd8409Virustotal results 27/57 (47.37%) Gootkit 79.110.251.102:80
2016-10-26 00:15:43006c17b514b412575ff49df4c1cd8409Virustotal results 27/57 (47.37%) Gootkit 79.110.251.102:80
2016-10-25 14:25:13c38a7471b124b09c27089d5c62b1d7e0n/aGootkit 79.110.251.102:80
2016-10-25 14:25:13c38a7471b124b09c27089d5c62b1d7e0n/aGootkit 79.110.251.102:80
2016-10-25 09:59:090307e7a3ec5f36973eb5347c46b916c0n/aGootkit 79.110.251.102:80
2016-10-25 09:59:090307e7a3ec5f36973eb5347c46b916c0n/aGootkit 79.110.251.102:80
2016-10-25 05:13:372fccae2c76dde169cb2f672d55dfe48aVirustotal results 35/57 (61.40%) Gootkit 79.110.251.102:80
2016-10-25 05:13:372fccae2c76dde169cb2f672d55dfe48aVirustotal results 35/57 (61.40%) Gootkit 79.110.251.102:80
2016-10-24 16:40:507ec0ce513b0baa1d99812f8ca6b47ceen/aGootkit 79.110.251.102:80
2016-10-24 16:40:507ec0ce513b0baa1d99812f8ca6b47ceen/aGootkit 79.110.251.102:80
2016-10-24 15:43:3874e84110ef70665c066bb3fd10c94e12n/aGootkit 79.110.251.102:80
2016-10-24 15:43:3874e84110ef70665c066bb3fd10c94e12n/aGootkit 79.110.251.102:80
2016-10-24 13:12:43eb66706f8b417315e9e7a9e45a63d96an/aGootkit 79.110.251.102:80
2016-10-24 13:12:43eb66706f8b417315e9e7a9e45a63d96an/aGootkit 79.110.251.102:80
2016-10-24 02:27:58a8b868431c80ed47498d8a6f5cdde7f3n/aGootkit 79.110.251.102:80
2016-10-24 02:27:58a8b868431c80ed47498d8a6f5cdde7f3n/aGootkit 79.110.251.102:80
2016-10-23 10:48:41e7af6579a8c095d604233bcd5657c2faVirustotal results 6/55 (10.91%) Gootkit 79.110.251.102:80
2016-10-23 10:48:41e7af6579a8c095d604233bcd5657c2faVirustotal results 6/55 (10.91%) Gootkit 79.110.251.102:80
2016-10-23 00:53:52a7b69172175ba9f1a720bd3b9ced4e57Virustotal results 7/55 (12.73%) Gootkit 79.110.251.102:80
2016-10-23 00:53:52a7b69172175ba9f1a720bd3b9ced4e57Virustotal results 7/55 (12.73%) Gootkit 79.110.251.102:80
2016-10-21 02:44:24278fc3d549f143ac2635509f71e85cc4Virustotal results 8/57 (14.04%) Gootkit 79.110.251.102:80
2016-10-21 02:44:24278fc3d549f143ac2635509f71e85cc4Virustotal results 8/57 (14.04%) Gootkit 79.110.251.102:80
2016-10-17 02:03:41944b8f49905fea21849077127c5f9eedVirustotal results 39/56 (69.64%) Shylock 79.110.251.102:80
2016-10-17 02:03:41944b8f49905fea21849077127c5f9eedVirustotal results 39/56 (69.64%) Shylock 79.110.251.102:80
2016-10-15 15:17:0617bc8a2718f9534ce4b78d79d9487857Virustotal results 18/67 (26.87%) Gootkit 79.110.251.102:80
2016-10-15 15:17:0617bc8a2718f9534ce4b78d79d9487857Virustotal results 18/67 (26.87%) Gootkit 79.110.251.102:80
2016-10-15 00:46:2975ae25b6f9a833f2844c8579ec502182n/aGootkit 79.110.251.102:80
2016-10-15 00:46:2975ae25b6f9a833f2844c8579ec502182n/aGootkit 79.110.251.102:80
2016-10-13 12:14:41b47d4095b03b2eb4594b8bf3ce3b1ea7n/aGootkit 79.110.251.102:80
2016-10-13 12:14:41b47d4095b03b2eb4594b8bf3ce3b1ea7n/aGootkit 79.110.251.102:80
2016-10-13 06:38:467062b8c21e5fa31d21c1dad675417903n/aGootkit 79.110.251.102:80
2016-10-13 06:38:467062b8c21e5fa31d21c1dad675417903n/aGootkit 79.110.251.102:80
2016-10-12 18:16:03dc33f8042c4ecb698d91e482604e40d9n/aGootkit 79.110.251.102:80
2016-10-12 18:16:03dc33f8042c4ecb698d91e482604e40d9n/aGootkit 79.110.251.102:80
2016-10-11 09:31:57651faaa7086da711470b651431f9d9d9n/aGootkit 79.110.251.102:80
2016-10-11 09:31:57651faaa7086da711470b651431f9d9d9n/aGootkit 79.110.251.102:80
2016-10-11 07:45:0182fba654457c4add45fae38589a57a43Virustotal results 11/55 (20.00%) Gootkit 79.110.251.102:80
2016-10-11 07:45:0182fba654457c4add45fae38589a57a43Virustotal results 11/55 (20.00%) Gootkit 79.110.251.102:80
2016-10-08 17:48:51b516388470621cb6fd7b2909bfe9f904Virustotal results 6/56 (10.71%) Gootkit 79.110.251.102:80
2016-10-08 17:48:51b516388470621cb6fd7b2909bfe9f904Virustotal results 6/56 (10.71%) Gootkit 79.110.251.102:80
2016-10-08 16:06:500b0a8b06ce6a20343d4b2d923b8604aeVirustotal results 33/56 (58.93%) Gootkit 79.110.251.102:80
2016-10-08 16:06:500b0a8b06ce6a20343d4b2d923b8604aeVirustotal results 33/56 (58.93%) Gootkit 79.110.251.102:80
2016-10-08 16:01:38213f85def378b146c8470847e1f4f52cn/aGootkit 79.110.251.102:80
2016-10-08 16:01:38213f85def378b146c8470847e1f4f52cn/aGootkit 79.110.251.102:80
2016-10-07 21:12:5491789ef3f06ec3da536741b9cc4c261eVirustotal results 24/56 (42.86%) Gootkit 79.110.251.102:80
2016-10-07 21:12:5491789ef3f06ec3da536741b9cc4c261eVirustotal results 24/56 (42.86%) Gootkit 79.110.251.102:80
2016-10-07 16:20:083c7cb993aa07b7fa4c33d6a7be7684d4n/aGootkit 79.110.251.102:80
2016-10-07 16:20:083c7cb993aa07b7fa4c33d6a7be7684d4n/aGootkit 79.110.251.102:80
2016-10-07 10:16:52c4f17c8b852521c109d29276db5773e6n/aGootkit 79.110.251.102:80
2016-10-07 10:16:52c4f17c8b852521c109d29276db5773e6n/aGootkit 79.110.251.102:80
2016-10-07 00:48:370d7ab10ad81185e96d3e059d8fc8ea24n/aGootkit 79.110.251.102:80
2016-10-07 00:48:370d7ab10ad81185e96d3e059d8fc8ea24n/aGootkit 79.110.251.102:80
2016-10-06 23:57:01fdb7093ffb472f6abfa71073f3136a85n/aGootkit 79.110.251.102:80
2016-10-06 23:57:01fdb7093ffb472f6abfa71073f3136a85n/aGootkit 79.110.251.102:80
2016-10-04 21:40:23aba564a978b0042c0707b4b7b1fb7c53Virustotal results 32/56 (57.14%) Gootkit 79.110.251.102:80
2016-10-04 21:40:23aba564a978b0042c0707b4b7b1fb7c53Virustotal results 32/56 (57.14%) Gootkit 79.110.251.102:80
2016-10-04 10:33:05fbd9f6422ff1ccd0754d3f807fa3c729n/aGootkit 79.110.251.102:80
2016-10-04 10:33:05fbd9f6422ff1ccd0754d3f807fa3c729n/aGootkit 79.110.251.102:80

# of entries: 100 (max: 100)