SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3c875da14a71bc660bb7c90db79aaa69c76fd0e0.
Database Entry
| SHA1 Fingerprint: | 3c875da14a71bc660bb7c90db79aaa69c76fd0e0 |
|---|---|
| Certificate Common Name (CN): | localhost |
| Issuer Distinguished Name (DN): | localhost |
| TLS Version: | TLSv1 |
| First seen: | 2016-10-26 22:14:52 UTC |
| Last seen: | 2016-11-03 16:23:05 UTC |
| Status: | Blacklisted |
| Listing reason: | Gootkit C&C |
| Listing date: | 2016-10-27 07:43:12 |
| Malware samples: | 9 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-03 16:23:05 | 9f0405c57a14ea5e81b3099e8e61d64b |  35/57 (61.40%)
| Shylock | 192.3.111.51:80 |
| 2016-11-03 16:23:05 | 9f0405c57a14ea5e81b3099e8e61d64b | 35/57 (61.40%)
| Shylock | 192.3.111.51:80 |
| 2016-11-03 05:54:35 | 8786fb80a5ccea96d8d547d15486ce30 | 23/57 (40.35%)
| Shylock | 192.3.111.51:80 |
| 2016-11-03 05:54:35 | 8786fb80a5ccea96d8d547d15486ce30 | 23/57 (40.35%)
| Shylock | 192.3.111.51:80 |
| 2016-11-02 05:33:52 | a1de8d47872b510707141136c35543a1 | 24/57 (42.11%)
| Shylock | 192.3.111.51:80 |
| 2016-11-02 05:33:52 | a1de8d47872b510707141136c35543a1 | 24/57 (42.11%)
| Shylock | 192.3.111.51:80 |
| 2016-10-31 18:05:26 | 875c068635236792315ed82f3db1a17b | 21/57 (36.84%)
| Shylock | 192.3.111.51:80 |
| 2016-10-31 18:05:26 | 875c068635236792315ed82f3db1a17b | 21/57 (36.84%)
| Shylock | 192.3.111.51:80 |
| 2016-10-31 16:09:57 | d14d2bfba223fd148df4532ba11a0e25 | 37/55 (67.27%)
| Shylock | 192.3.111.51:80 |
| 2016-10-31 16:09:57 | d14d2bfba223fd148df4532ba11a0e25 | 37/55 (67.27%)
| Shylock | 192.3.111.51:80 |
| 2016-10-30 22:03:51 | cfa73d7307a6f5161e96b8beb496502f | 31/57 (54.39%)
| Shylock | 192.3.111.51:80 |
| 2016-10-30 22:03:51 | cfa73d7307a6f5161e96b8beb496502f | 31/57 (54.39%)
| Shylock | 192.3.111.51:80 |
| 2016-10-30 20:37:17 | b7b96531452af8f7a1bc10e0a8e2fa6c | 18/57 (31.58%)
| Shylock | 192.3.111.51:80 |
| 2016-10-30 20:37:17 | b7b96531452af8f7a1bc10e0a8e2fa6c | 18/57 (31.58%)
| Shylock | 192.3.111.51:80 |
| 2016-10-27 04:01:50 | fcea0572a1441164f2acff3ea5e136f0 | 28/56 (50.00%)
| Gootkit | 192.3.111.51:80 |
| 2016-10-27 04:01:50 | fcea0572a1441164f2acff3ea5e136f0 | 28/56 (50.00%)
| Gootkit | 192.3.111.51:80 |
| 2016-10-26 22:14:52 | a3cb7eabef94cff95b84631c43065da6 | 39/57 (68.42%)
| Gootkit | 192.3.111.51:80 |
| 2016-10-26 22:14:52 | a3cb7eabef94cff95b84631c43065da6 | 39/57 (68.42%)
| Gootkit | 192.3.111.51:80 |
# of entries: 18 (max: 100)