SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 33c3d1f2647624cadda3f0f986084108bb2a941b.

Database Entry


SHA1 Fingerprint:33c3d1f2647624cadda3f0f986084108bb2a941b
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-09-01 10:56:55 UTC
Last seen:2016-10-10 18:38:27 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-09-20 11:03:11
Malware samples:25
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-10-10 18:38:272e12810c95da57bf7fca6ca639b8ff58Virustotal results 7/56 (12.50%) Shylock 120.114.184.49:80
2016-10-10 14:42:0218b5ba8d44e95d85f682f6e19ca5ecbdn/aShylock 120.114.184.49:80
2016-10-09 11:09:455244050e4690fc4196dc5ee1104a24een/aShylock 120.114.184.49:80
2016-10-09 07:31:34aded55e7837a48defb1b6ffda4797cean/aShylock 120.114.184.49:80
2016-10-09 04:52:05a4c7e882835b8d3b4ebf8254fbc2c32aVirustotal results 30/56 (53.57%) Shylock 120.114.184.49:80
2016-10-09 02:55:379eb0e73281c56b761279679ac4327986Virustotal results 10/56 (17.86%) Shylock 120.114.184.49:80
2016-10-09 01:18:446effb61d99370099063cef10f3f4bb9fVirustotal results 39/56 (69.64%) Shylock 120.114.184.49:80
2016-10-08 18:07:19e8b92da4f6250e46f1a7647bd0bd84a0n/aShylock 120.114.184.49:80
2016-10-05 18:18:177981100da6629e4c99f51173040ac7efVirustotal results 37/56 (66.07%) Shylock 120.114.184.49:80
2016-10-04 10:41:16541840e4aef1bf38f8b8814161c1eba8Virustotal results 37/56 (66.07%) Shylock 120.114.184.49:80
2016-10-01 23:50:23c40e48d7982415e2571596f751e3b793Virustotal results 15/57 (26.32%) Shylock 120.114.184.49:80
2016-09-26 02:06:28e2f5d9fa51e522ab32362e041ff3a338Virustotal results 39/57 (68.42%) Shylock 120.114.184.49:80
2016-09-24 03:51:15a18d5c1afa598a4bb683d99bb3103e8aVirustotal results 17/57 (29.82%) Shylock 120.114.184.49:80
2016-09-20 07:29:3985c8a1aedf587ff67da5944cbb6e3ecaVirustotal results 29/56 (51.79%) Gootkit 120.114.184.49:80
2016-09-19 19:35:340b82c82f0ca99c145d7a05c506579d26n/aGootkit 120.114.184.49:80
2016-09-18 05:07:13ade304ca7eace2f91f5e92c9ff5b273an/aGootkit 120.114.184.49:80
2016-09-15 08:48:41711eec2974ec1a8346aab636b4d1056aVirustotal results 40/57 (70.18%) Gootkit 120.114.184.49:80
2016-09-13 06:04:31fc4079dda5a12d33a587d635253316b3Virustotal results 34/58 (58.62%) Gootkit 120.114.184.49:80
2016-09-12 17:40:3919abc82e550ceca5b84865b54e7167fan/aGootkit 120.114.184.49:80
2016-09-12 15:27:4652fb6239dadad01d548c76070fc51564Virustotal results 24/55 (43.64%) Gootkit 120.114.184.49:80
2016-09-09 08:21:16894155f3d4c1fa4c73184edd20256b96Virustotal results 36/57 (63.16%) Gootkit 120.114.184.49:80
2016-09-02 03:41:23da56c0cd09f9fc4d34fccd1e45dd9289Virustotal results 34/57 (59.65%) Gootkit 120.114.184.49:80
2016-09-02 02:34:27c2ce5bd96e4b433f97a78e25b00eb211Virustotal results 38/58 (65.52%) Shylock 120.114.184.49:80
2016-09-01 11:15:4077f3d9d96e1955c5b1174370261722e3Virustotal results 38/58 (65.52%) Shylock 120.114.184.49:80
2016-09-01 10:56:55de15aa9a7aefd24ff0839cab20b91a08Virustotal results 42/57 (73.68%) Gootkit 120.114.184.49:80

# of entries: 25 (max: 100)