SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 279c807de6cb27726d4cc57fa47cac9450b9c69e.

Database Entry


SHA1 Fingerprint:279c807de6cb27726d4cc57fa47cac9450b9c69e
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-04-30 15:24:30 UTC
Last seen:2014-05-04 19:23:38 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-05-04 08:24:31
Malware samples:4
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-05-04 19:23:38b40f77595c702c596bf9db24125ffbc7Virustotal results 7/51 (13.73%) Shylock 192.210.16.230:443
2014-05-04 15:37:02adab04ffb3c90edf2b2a7ff7d0bc1e9aVirustotal results 36/57 (63.16%) Shylock 192.210.16.230:443
2014-05-03 14:26:379bbc6c52a6e44ca795a43ecdb06ba50dVirustotal results 7/51 (13.73%) Shylock 192.210.16.230:443
2014-04-30 15:24:302100a9e3533bd14fd5f7fd1b05edfe25Virustotal results 20/52 (38.46%) Shylock 192.210.16.230:443

# of entries: 4 (max: 100)