SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 2e140f074bffade9c9207e3c60d27b2716fe6a63.

Database Entry

SHA1 Fingerprint:	2e140f074bffade9c9207e3c60d27b2716fe6a63
Certificate Common Name (CN):	localhost
Issuer Distinguished Name (DN):	localhost
TLS Version:	SSLv3
First seen:	2014-06-26 15:02:19 UTC
Last seen:	2014-07-01 08:09:03 UTC
Status:	Blacklisted
Listing reason:	Shylock C&C
Listing date:	2014-06-26 17:34:25
Malware samples:	60
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2014-07-01 08:09:03	b42e4384ac9a7b8db9b776fb3c349db0	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-07-01 08:09:03	b42e4384ac9a7b8db9b776fb3c349db0	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-29 06:56:15	ae962cf8a2d1b2d2d96fe876b87ae727	21/54 (38.89%)	Shylock	80.240.133.36:443
2014-06-29 06:56:15	ae962cf8a2d1b2d2d96fe876b87ae727	21/54 (38.89%)	Shylock	80.240.133.36:443
2014-06-29 06:14:58	ac6db4f295f1ecdc27af5956d383bef6	21/54 (38.89%)	Shylock	80.240.133.36:443
2014-06-29 06:14:58	ac6db4f295f1ecdc27af5956d383bef6	21/54 (38.89%)	Shylock	80.240.133.36:443
2014-06-28 21:55:07	a2fc094e828cf80cff989d6b3c57c8e7	34/53 (64.15%)	Shylock	80.240.133.36:443
2014-06-28 21:55:07	a2fc094e828cf80cff989d6b3c57c8e7	34/53 (64.15%)	Shylock	80.240.133.36:443
2014-06-28 16:40:58	a14c00868ccf2055513d34e91d30ca25	31/54 (57.41%)	Shylock	80.240.133.36:443
2014-06-28 16:40:58	a14c00868ccf2055513d34e91d30ca25	31/54 (57.41%)	Shylock	80.240.133.36:443
2014-06-28 16:17:15	a13642e2ad8ebf26b9b8d7306e83cb49	22/54 (40.74%)		80.240.133.36:443
2014-06-28 16:17:15	a13642e2ad8ebf26b9b8d7306e83cb49	22/54 (40.74%)		80.240.133.36:443
2014-06-28 12:25:16	9ab1fcfc2797132e11ace44eeb18e8af	34/53 (64.15%)	Shylock	80.240.133.36:443
2014-06-28 12:25:16	9ab1fcfc2797132e11ace44eeb18e8af	34/53 (64.15%)	Shylock	80.240.133.36:443
2014-06-28 12:05:44	98942dd3b9d6a19069253badfdfc222a	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-28 12:05:44	98942dd3b9d6a19069253badfdfc222a	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-28 11:04:39	90d953be6a814b521ef4197e94775dbe	32/53 (60.38%)	Shylock	80.240.133.36:443
2014-06-28 11:04:39	90d953be6a814b521ef4197e94775dbe	32/53 (60.38%)	Shylock	80.240.133.36:443
2014-06-28 09:56:55	86b5d49ffef1e79da0cabcc2a8e7b35a	17/54 (31.48%)	Shylock	80.240.133.36:443
2014-06-28 09:56:55	86b5d49ffef1e79da0cabcc2a8e7b35a	17/54 (31.48%)	Shylock	80.240.133.36:443
2014-06-28 08:18:31	c7335bfbd52295936c57ae37956ce075	12/54 (22.22%)	Shylock	80.240.133.36:443
2014-06-28 08:18:31	c7335bfbd52295936c57ae37956ce075	12/54 (22.22%)	Shylock	80.240.133.36:443
2014-06-28 07:47:13	2099d27b0866d35d024b7bda7278871b	31/54 (57.41%)	Shylock	80.240.133.36:443
2014-06-28 07:47:13	2099d27b0866d35d024b7bda7278871b	31/54 (57.41%)	Shylock	80.240.133.36:443
2014-06-28 07:42:19	67461cccdb30bc405de3f1a84977e865	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-28 07:42:19	67461cccdb30bc405de3f1a84977e865	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-28 07:39:07	13bf9988b7db0f6b5c6df0966ce179b6	29/54 (53.70%)		80.240.133.36:443
2014-06-28 07:39:07	13bf9988b7db0f6b5c6df0966ce179b6	29/54 (53.70%)		80.240.133.36:443
2014-06-28 07:33:36	4dcb162ab13d62b7a344883c6a6d2b70	25/54 (46.30%)	Shylock	80.240.133.36:443
2014-06-28 07:33:36	4dcb162ab13d62b7a344883c6a6d2b70	25/54 (46.30%)	Shylock	80.240.133.36:443
2014-06-28 07:32:15	01da71ef2cc7590fd539a080b5ac576c	32/55 (58.18%)	Shylock	80.240.133.36:443
2014-06-28 07:32:15	01da71ef2cc7590fd539a080b5ac576c	32/55 (58.18%)	Shylock	80.240.133.36:443
2014-06-28 07:02:49	c003d0cbf4ab2ca365f3ce4a8371b2a7	4/49 (8.16%)	Shylock	80.240.133.36:443
2014-06-28 07:02:49	c003d0cbf4ab2ca365f3ce4a8371b2a7	4/49 (8.16%)	Shylock	80.240.133.36:443
2014-06-28 06:03:34	2ba5fab2a48082377b91c4b3c04f4bb1	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-28 06:03:34	2ba5fab2a48082377b91c4b3c04f4bb1	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-28 05:36:29	36f88de2931eb238d487298af7653172	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-28 05:36:29	36f88de2931eb238d487298af7653172	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-28 05:32:52	453fa948c8a9bb5d797f7ea037c01109	19/54 (35.19%)	Shylock	80.240.133.36:443
2014-06-28 05:32:52	453fa948c8a9bb5d797f7ea037c01109	19/54 (35.19%)	Shylock	80.240.133.36:443
2014-06-28 04:43:03	573bdb8e4c4469457fe3f38d3f47e7d0	1/49 (2.04%)		80.240.133.36:443
2014-06-28 04:43:03	573bdb8e4c4469457fe3f38d3f47e7d0	1/49 (2.04%)		80.240.133.36:443
2014-06-28 03:53:26	e42b63c6b823daa592601e84d10b644b	2/53 (3.77%)		80.240.133.36:443
2014-06-28 03:53:26	e42b63c6b823daa592601e84d10b644b	2/53 (3.77%)		80.240.133.36:443
2014-06-28 03:13:19	3466b72cb85131945088f8719d4abc81	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-28 03:13:19	3466b72cb85131945088f8719d4abc81	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-28 01:55:56	78677caef6d2b5eef9d18fd3f9e9d47f	22/53 (41.51%)		80.240.133.36:443
2014-06-28 01:55:56	78677caef6d2b5eef9d18fd3f9e9d47f	22/53 (41.51%)		80.240.133.36:443
2014-06-28 01:10:21	60931f684ada0f63b01b91c42dfc0962	24/54 (44.44%)	Shylock	80.240.133.36:443
2014-06-28 01:10:21	60931f684ada0f63b01b91c42dfc0962	24/54 (44.44%)	Shylock	80.240.133.36:443
2014-06-28 00:49:37	26f12e5a888812dff5566b22bfe173dc	14/54 (25.93%)	Shylock	80.240.133.36:443
2014-06-28 00:49:37	26f12e5a888812dff5566b22bfe173dc	14/54 (25.93%)	Shylock	80.240.133.36:443
2014-06-27 23:53:21	e7f4c5646aa02d0714c570ae50460e66	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-27 23:53:21	e7f4c5646aa02d0714c570ae50460e66	23/54 (42.59%)	Shylock	80.240.133.36:443
2014-06-27 23:52:59	e3f5d2789a5dde96ce54567f1f3202e6	31/54 (57.41%)		80.240.133.36:443
2014-06-27 23:52:59	e3f5d2789a5dde96ce54567f1f3202e6	31/54 (57.41%)		80.240.133.36:443
2014-06-27 23:21:33	7ddd34c2f5f010b8672bc19da4616154	19/54 (35.19%)	Shylock	80.240.133.36:443
2014-06-27 23:21:33	7ddd34c2f5f010b8672bc19da4616154	19/54 (35.19%)	Shylock	80.240.133.36:443
2014-06-27 23:10:50	2b6fab77a7ef9174f72f9fc29a51100d	30/54 (55.56%)	Shylock	80.240.133.36:443
2014-06-27 23:10:50	2b6fab77a7ef9174f72f9fc29a51100d	30/54 (55.56%)	Shylock	80.240.133.36:443
2014-06-27 22:49:15	ea0086c610bcd2cda59860a924934727	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-27 22:49:15	ea0086c610bcd2cda59860a924934727	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-27 22:48:32	e79b2a72ba890f6b8b2c7d6e7e4f6f4a	27/54 (50.00%)		80.240.133.36:443
2014-06-27 22:48:32	e79b2a72ba890f6b8b2c7d6e7e4f6f4a	27/54 (50.00%)		80.240.133.36:443
2014-06-27 22:31:20	52e9041ce02d28739852b04411ef5b99	34/53 (64.15%)		80.240.133.36:443
2014-06-27 22:31:20	52e9041ce02d28739852b04411ef5b99	34/53 (64.15%)		80.240.133.36:443
2014-06-27 21:59:06	6f3239d72cc0e4eb70bbdc594defcac0	30/54 (55.56%)		80.240.133.36:443
2014-06-27 21:59:06	6f3239d72cc0e4eb70bbdc594defcac0	30/54 (55.56%)		80.240.133.36:443
2014-06-27 21:50:17	f0e124b9a8ad06b25d915273e0897897	8/54 (14.81%)	Shylock	80.240.133.36:443
2014-06-27 21:50:17	f0e124b9a8ad06b25d915273e0897897	8/54 (14.81%)	Shylock	80.240.133.36:443
2014-06-27 21:49:15	56229ab4d84911f36cc27ee6a73928df	10/53 (18.87%)	Shylock	80.240.133.36:443
2014-06-27 21:49:15	56229ab4d84911f36cc27ee6a73928df	10/53 (18.87%)	Shylock	80.240.133.36:443
2014-06-27 20:33:28	ec36a2efb3b348687a47b14d5d43b618	24/53 (45.28%)	Shylock	80.240.133.36:443
2014-06-27 20:33:28	ec36a2efb3b348687a47b14d5d43b618	24/53 (45.28%)	Shylock	80.240.133.36:443
2014-06-27 12:18:13	c934d1d3055777f9fb53286b80bdf5f9	2/54 (3.70%)	Shylock	80.240.133.36:443
2014-06-27 12:18:13	c934d1d3055777f9fb53286b80bdf5f9	2/54 (3.70%)	Shylock	80.240.133.36:443
2014-06-27 11:05:20	9ca616599435bf03936c07fcaafe1e33	6/46 (13.04%)	Shylock	80.240.133.36:443
2014-06-27 11:05:20	9ca616599435bf03936c07fcaafe1e33	6/46 (13.04%)	Shylock	80.240.133.36:443
2014-06-27 10:42:59	5ee0abf9b5a0e2bf92adb6ac268d21c6	15/53 (28.30%)		80.240.133.36:443
2014-06-27 10:42:59	5ee0abf9b5a0e2bf92adb6ac268d21c6	15/53 (28.30%)		80.240.133.36:443
2014-06-27 10:42:55	0421d581a8be33099b5b140bbd2d97f0	11/53 (20.75%)	Shylock	80.240.133.36:443
2014-06-27 10:42:55	0421d581a8be33099b5b140bbd2d97f0	11/53 (20.75%)	Shylock	80.240.133.36:443
2014-06-27 10:30:18	98a9ee8d9de53e11cfaa340983ee2458	34/54 (62.96%)	Shylock	80.240.133.36:443
2014-06-27 10:30:18	98a9ee8d9de53e11cfaa340983ee2458	34/54 (62.96%)	Shylock	80.240.133.36:443
2014-06-27 10:16:52	95f3a44f7319e2f4187c9e0ac2eaaef3	25/54 (46.30%)		80.240.133.36:443
2014-06-27 10:16:52	95f3a44f7319e2f4187c9e0ac2eaaef3	25/54 (46.30%)		80.240.133.36:443
2014-06-27 09:53:42	91659c03d61c2e3046acac05afbe27bd	23/53 (43.40%)		80.240.133.36:443
2014-06-27 09:53:42	91659c03d61c2e3046acac05afbe27bd	23/53 (43.40%)		80.240.133.36:443
2014-06-27 09:23:26	d7c92bba5c971046f13af93750ca4a5e	5/53 (9.43%)	Shylock	80.240.133.36:443
2014-06-27 09:23:26	d7c92bba5c971046f13af93750ca4a5e	5/53 (9.43%)	Shylock	80.240.133.36:443
2014-06-27 06:43:28	0157c17a8a0c21a435020709ccd1be0d	21/53 (39.62%)	ZeuS	80.240.133.36:443
2014-06-27 06:43:28	0157c17a8a0c21a435020709ccd1be0d	21/53 (39.62%)	ZeuS	80.240.133.36:443
2014-06-27 06:26:00	585f740472c6dd86ed22d3355d15f29a	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-27 06:26:00	585f740472c6dd86ed22d3355d15f29a	28/54 (51.85%)	Shylock	80.240.133.36:443
2014-06-27 05:15:33	530372b825aa8d812939c22530e783db	27/54 (50.00%)	Shylock	80.240.133.36:443
2014-06-27 05:15:33	530372b825aa8d812939c22530e783db	27/54 (50.00%)	Shylock	80.240.133.36:443
2014-06-27 05:07:32	f1fa8ad9f56d5814b664c65356a62d2e	7/54 (12.96%)	Shylock	80.240.133.36:443
2014-06-27 05:07:32	f1fa8ad9f56d5814b664c65356a62d2e	7/54 (12.96%)	Shylock	80.240.133.36:443
2014-06-27 03:54:04	01f3e04bb97603983abd4f10e9e423ff	22/54 (40.74%)	Shylock	80.240.133.36:443
2014-06-27 03:54:04	01f3e04bb97603983abd4f10e9e423ff	22/54 (40.74%)	Shylock	80.240.133.36:443

# of entries: 100 (max: 100)