SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 315336e7513eba5b06736495cabccce94c58f8d0.

Database Entry


SHA1 Fingerprint:315336e7513eba5b06736495cabccce94c58f8d0
Certificate Common Name (CN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
Issuer Distinguished Name (DN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
TLS Version:TLS 1.2
First seen:2016-12-09 23:13:00 UTC
Last seen:2016-12-29 18:54:14 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-12-10 16:20:42
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-12-29 18:54:140477f190417cead19315b83833147d76n/aGootkit 89.36.216.204:80
2016-12-11 12:29:13b576349c72e77bb3dc2b67d2ed22121an/aGootkit 89.36.216.204:80
2016-12-11 08:41:368b37f97623c7564008083a6d5c157a02n/aGootkit 89.36.216.204:80
2016-12-10 20:29:17d2ff4844e75da753811f3941f68b7902Virustotal results 6/57 (10.53%) Gootkit 89.36.216.204:80
2016-12-10 19:25:3370c154c2107c62330b721dde03158519Virustotal results 27/56 (48.21%) Gootkit 89.36.216.204:80
2016-12-10 15:41:282840ad43514f55149e712db7fda1b862Virustotal results 32/57 (56.14%) Gootkit 89.36.216.204:80
2016-12-10 15:02:40d0c61564245baf1a48a27b9168faac3cVirustotal results 40/56 (71.43%) Gootkit 89.36.216.204:80
2016-12-09 23:13:00fb9ee6bebb6c509e9342b6e9f9e42b15n/aGootkit 89.36.216.204:80

# of entries: 8 (max: 100)