SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3c875da14a71bc660bb7c90db79aaa69c76fd0e0.

Database Entry


SHA1 Fingerprint:3c875da14a71bc660bb7c90db79aaa69c76fd0e0
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-10-26 22:14:52 UTC
Last seen:2016-11-03 16:23:05 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-10-27 07:43:12
Malware samples:9
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-03 16:23:059f0405c57a14ea5e81b3099e8e61d64bVirustotal results 35/57 (61.40%) Shylock 192.3.111.51:80
2016-11-03 05:54:358786fb80a5ccea96d8d547d15486ce30Virustotal results 23/57 (40.35%) Shylock 192.3.111.51:80
2016-11-02 05:33:52a1de8d47872b510707141136c35543a1Virustotal results 24/57 (42.11%) Shylock 192.3.111.51:80
2016-10-31 18:05:26875c068635236792315ed82f3db1a17bVirustotal results 21/57 (36.84%) Shylock 192.3.111.51:80
2016-10-31 16:09:57d14d2bfba223fd148df4532ba11a0e25Virustotal results 37/55 (67.27%) Shylock 192.3.111.51:80
2016-10-30 22:03:51cfa73d7307a6f5161e96b8beb496502fVirustotal results 31/57 (54.39%) Shylock 192.3.111.51:80
2016-10-30 20:37:17b7b96531452af8f7a1bc10e0a8e2fa6cVirustotal results 18/57 (31.58%) Shylock 192.3.111.51:80
2016-10-27 04:01:50fcea0572a1441164f2acff3ea5e136f0Virustotal results 28/56 (50.00%) Gootkit 192.3.111.51:80
2016-10-26 22:14:52a3cb7eabef94cff95b84631c43065da6Virustotal results 39/57 (68.42%) Gootkit 192.3.111.51:80

# of entries: 9 (max: 100)