SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 28d41a178f3bb456355759c2f2fe9728d1326d89.

Database Entry


SHA1 Fingerprint:28d41a178f3bb456355759c2f2fe9728d1326d89
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2015-06-30 20:00:51 UTC
Last seen:2015-07-17 09:00:02 UTC
Status:Blacklisted
Listing reason:KINS C&C
Listing date:2015-07-01 07:54:20
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-07-17 09:00:0212e367ce109f6521422ff690bea97dbaVirustotal results 3/55 (5.45%) ZeuS 5.39.52.203:443
2015-07-16 22:44:05375cfa6468d9616acde26eed2c973322Virustotal results 3/55 (5.45%) ZeuS 5.39.52.203:443
2015-07-15 17:14:03180388a400e302df4537bf77cd599b6dVirustotal results 31/56 (55.36%) ZeuS 5.39.52.203:443
2015-07-14 00:49:38a5fff6636e7d9c4b385ac60a5e4ea435Virustotal results 2/53 (3.77%) ZeuS 5.39.52.203:443
2015-06-30 20:00:51231e57a86e85d52525b0b5fca1bafd97Virustotal results 6/56 (10.71%) ZeuS 5.39.52.203:443

# of entries: 5 (max: 100)