SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 447f91676e92665aa04b08cc1229ca65d0544744.

Database Entry


SHA1 Fingerprint:447f91676e92665aa04b08cc1229ca65d0544744
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-05-19 17:39:59 UTC
Last seen:2016-05-25 18:06:42 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-05-20 06:42:15
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-05-25 18:06:4226168a0f545b4e1a95ef52925d9eea2fVirustotal results 10/56 (17.86%) Gootkit 94.76.233.152:80
2016-05-24 03:34:2994a3ada524b935e0dd8994ae63b191b1Virustotal results 28/57 (49.12%) Shylock 94.76.233.152:80
2016-05-23 00:56:58e1521681f01065121c0e97baad220104Virustotal results 30/57 (52.63%) Shylock 94.76.233.152:80
2016-05-23 00:17:0631f04f18fe4ce55306c296ab7c731713Virustotal results 33/57 (57.89%) Gootkit 94.76.233.152:80
2016-05-22 04:51:41ad15843c84c852be1eee89ee280cb777Virustotal results 32/57 (56.14%) Gootkit 94.76.233.152:80
2016-05-19 17:42:2519bf632c08732444510ba556d254cfadVirustotal results 25/57 (43.86%) Gootkit 94.76.233.152:80
2016-05-19 17:39:597b40713431336a60ed77e2d9ce88f6f4Virustotal results 3/57 (5.26%) Gootkit 94.76.233.152:80

# of entries: 7 (max: 100)