SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3cee08dc89088da5ca35f8cf1229ea42a678f2c5.

Database Entry


SHA1 Fingerprint:3cee08dc89088da5ca35f8cf1229ea42a678f2c5
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-07-24 07:23:00 UTC
Last seen:2016-07-31 15:32:32 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-08-01 08:53:00
Malware samples:13
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-07-31 15:32:326f4dd6d6ceab7a5f1f78ed07321722b4n/aShylock 23.110.85.211:80
2016-07-31 14:36:0365c46a7970cacb8753979a785b964cdbn/aShylock 23.110.85.211:80
2016-07-31 06:51:012173dc23150ae8756d8e9d64cff7638an/aGootkit 23.110.85.211:80
2016-07-31 06:38:51b15e392f812544e7431bba4ab20484fan/aGootkit 23.110.85.211:80
2016-07-30 23:26:5111260b4933b496ca166520d4535ef26bn/aGootkit 23.110.85.211:80
2016-07-30 23:25:5228faa1bfc2e3210813ed89cfc3ede3can/aGootkit 23.110.85.211:80
2016-07-29 15:51:56c9ed743eea3c0ffa165fdb7f3827b25an/aShylock 23.110.85.211:80
2016-07-29 13:34:127bfb6d486b4cfce37de4a3d6d3321118n/aGootkit 23.110.85.211:80
2016-07-29 13:07:58766eb7d2947584302f98f4e7cc1b76acn/aGootkit 23.110.85.211:80
2016-07-29 12:56:2755d6d1629ce1315be11c703acab0705bn/aShylock 23.110.85.211:80
2016-07-29 00:47:43a1cda8da37029e86bda11be386a7f7a9n/aShylock 23.110.85.211:80
2016-07-26 09:35:268540a8d304f8758154391481325c69ban/aShylock 23.110.85.211:80
2016-07-24 07:23:00042da889093be44e150fa31ef7fc9c5an/aShylock 23.110.85.211:80

# of entries: 13 (max: 100)