SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5a5d28918cc144bfb4a31f5c9260e3d40d6b811d.

Database Entry


SHA1 Fingerprint:5a5d28918cc144bfb4a31f5c9260e3d40d6b811d
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-09-22 02:05:45 UTC
Last seen:2016-09-24 11:50:17 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-09-23 10:05:03
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-09-24 11:50:1787e5a1470bd969bdeeb83effeca82a76Virustotal results 40/56 (71.43%) Gootkit 51.255.157.186:80
2016-09-24 11:50:1787e5a1470bd969bdeeb83effeca82a76Virustotal results 40/56 (71.43%) Gootkit 51.255.157.186:80
2016-09-23 07:01:10150dfc3d0accc20a70fbce1d5dff4884Virustotal results 39/57 (68.42%) Gootkit 51.255.157.186:80
2016-09-23 07:01:10150dfc3d0accc20a70fbce1d5dff4884Virustotal results 39/57 (68.42%) Gootkit 51.255.157.186:80
2016-09-22 21:44:225811abb73ce61e787f6a7eb385a35b3bn/aGootkit 51.255.157.186:80
2016-09-22 21:44:225811abb73ce61e787f6a7eb385a35b3bn/aGootkit 51.255.157.186:80
2016-09-22 17:56:1680593fb36bf1002dc272f75628fe0409n/aGootkit 51.255.157.186:80
2016-09-22 17:56:1680593fb36bf1002dc272f75628fe0409n/aGootkit 51.255.157.186:80
2016-09-22 11:46:2973f27662a00b3310c1c839e7e321e325Virustotal results 32/57 (56.14%) Gootkit 51.255.157.186:80
2016-09-22 11:46:2973f27662a00b3310c1c839e7e321e325Virustotal results 32/57 (56.14%) Gootkit 51.255.157.186:80
2016-09-22 02:05:458fafa0d85de203b30015774b37b815d6Virustotal results 32/57 (56.14%) Gootkit 51.255.157.186:80
2016-09-22 02:05:458fafa0d85de203b30015774b37b815d6Virustotal results 32/57 (56.14%) Gootkit 51.255.157.186:80

# of entries: 12 (max: 100)