SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4e6a4b497681b4c09e2bf44c656fa4b8c376aa37.

Database Entry


SHA1 Fingerprint:4e6a4b497681b4c09e2bf44c656fa4b8c376aa37
Certificate Common Name (CN):www.jh0n3ik9.com/O=jh0n3ik9./C=US
Issuer Distinguished Name (DN):www.jh0n3ik9.com/O=jh0n3ik9./C=US
TLS Version:TLSv1
First seen:2016-05-09 20:09:56 UTC
Last seen:2016-05-16 10:37:12 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-05-17 15:12:16
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-05-16 10:37:120799011258fbd4956e5766263d7f0272n/aGootkit 23.88.239.220:80
2016-05-16 10:07:10da9b8b4b11e8e1a29ffb3018fc3c07ddVirustotal results 10/57 (17.54%) Gootkit 23.88.239.220:80
2016-05-16 09:01:46ca031a618532eafdb9a24de4653a4af3Virustotal results 26/56 (46.43%) Gootkit 23.88.239.220:80
2016-05-16 08:34:37b00d81cecffc5b90bcf73e270688bbe5Virustotal results 26/57 (45.61%) Gootkit 23.88.239.220:80
2016-05-09 20:09:569660349d9013d2eabf8ac49b752232d4Virustotal results 29/57 (50.88%) Gootkit 23.88.239.220:80

# of entries: 5 (max: 100)