SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 42c34ec2cf084df07531129e227504685985e766.

Database Entry


SHA1 Fingerprint:42c34ec2cf084df07531129e227504685985e766
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-07-09 07:03:40 UTC
Last seen:2016-07-12 09:39:00 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-07-11 08:38:32
Malware samples:13
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-07-12 09:39:009a99b2130c1c3c3287b03e6fa6faca06n/aGootkit 117.169.20.208:80
2016-07-11 03:45:1703ef6db5396e62cc34b87c81b8fe1bc4n/aGootkit 117.169.20.208:80
2016-07-10 17:41:135a8a475a35d07ffdc9c8ab3061ff0f72Virustotal results 39/67 (58.21%) Gootkit 117.169.20.208:80
2016-07-10 15:30:446a1402b9f090f0f5b14cf00ef0337c90n/aGootkit 117.169.20.208:80
2016-07-10 12:13:323964f2e94b8f9426568396020d15812cn/aGootkit 117.169.20.208:80
2016-07-10 08:56:180924042f1ebcc49dccd4f471808ce7ecVirustotal results 26/53 (49.06%) Gootkit 117.169.20.208:80
2016-07-10 01:04:325bf3b90694a542b7203c1a7084976af3Virustotal results 22/54 (40.74%) Gootkit 117.169.20.208:80
2016-07-09 21:28:22fcdfdaafa3dc063aa97fa918bb2839ccn/aGootkit 117.169.20.208:80
2016-07-09 19:39:335d7cbe702eb1e175ab9b482983a08983Virustotal results 41/55 (74.55%) Gootkit 117.169.20.208:80
2016-07-09 19:10:27d852e8b9636d656f57bd05d438ee1397n/aGootkit 117.169.20.208:80
2016-07-09 17:47:11068e219fc8cae68f33147aff145257d5Virustotal results 10/54 (18.52%) Gootkit 117.169.20.208:80
2016-07-09 10:28:0009910a6fe666f3d1f0d5f37753f6da71n/aGootkit 117.169.20.208:80
2016-07-09 07:03:42874f289945a4fa29fb2edb18ea9c39eaVirustotal results 35/55 (63.64%) Gootkit 117.169.20.208:80

# of entries: 13 (max: 100)