SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5afc236d1dd00c9c45457b75226b501b815a59c7.
Database Entry
| SHA1 Fingerprint: | 5afc236d1dd00c9c45457b75226b501b815a59c7 |
|---|---|
| Certificate Common Name (CN): | localhost |
| Issuer Distinguished Name (DN): | localhost |
| TLS Version: | SSLv3 |
| First seen: | 2014-04-27 14:08:58 UTC |
| Last seen: | 2014-05-28 08:28:22 UTC |
| Status: | Blacklisted |
| Listing reason: | Shylock C&C |
| Listing date: | 2014-05-04 08:10:26 |
| Malware samples: | 33 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2014-05-28 08:28:22 | 74e820fce3f86a3a49a48466c8004594 |  27/52 (51.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-28 08:28:22 | 74e820fce3f86a3a49a48466c8004594 | 27/52 (51.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-28 03:08:53 | 287646980817333edbabec08b47c7c65 | 31/53 (58.49%)
| 78.110.173.136:443 | |
| 2014-05-28 03:08:53 | 287646980817333edbabec08b47c7c65 | 31/53 (58.49%)
| 78.110.173.136:443 | |
| 2014-05-27 12:12:33 | 109f04a6038e0630bbd1ef6603e18109 | 20/53 (37.74%)
| Shylock | 78.110.173.136:443 |
| 2014-05-27 12:12:33 | 109f04a6038e0630bbd1ef6603e18109 | 20/53 (37.74%)
| Shylock | 78.110.173.136:443 |
| 2014-05-25 05:33:05 | b3e8fa07ce77e6715684a69bef79d668 | 5/53 (9.43%)
| Shylock | 78.110.173.136:443 |
| 2014-05-25 05:33:05 | b3e8fa07ce77e6715684a69bef79d668 | 5/53 (9.43%)
| Shylock | 78.110.173.136:443 |
| 2014-05-23 07:00:30 | 92fe02e7ca059f70a0d29396146364bd | 14/51 (27.45%)
| 78.110.173.136:443 | |
| 2014-05-23 07:00:30 | 92fe02e7ca059f70a0d29396146364bd | 14/51 (27.45%)
| 78.110.173.136:443 | |
| 2014-05-22 09:18:54 | 62226c61a0cb4e05b77c16284b99c9d4 | 26/53 (49.06%)
| Shylock | 78.110.173.136:443 |
| 2014-05-22 09:18:54 | 62226c61a0cb4e05b77c16284b99c9d4 | 26/53 (49.06%)
| Shylock | 78.110.173.136:443 |
| 2014-05-20 14:41:55 | 0a0a579a529cb77f08994570769a1957 | 34/52 (65.38%)
| Shylock | 78.110.173.136:443 |
| 2014-05-20 14:41:55 | 0a0a579a529cb77f08994570769a1957 | 34/52 (65.38%)
| Shylock | 78.110.173.136:443 |
| 2014-05-15 22:32:27 | 774898eef93fa73173fc1368d3786858 | 32/52 (61.54%)
| Shylock | 78.110.173.136:443 |
| 2014-05-15 22:32:27 | 774898eef93fa73173fc1368d3786858 | 32/52 (61.54%)
| Shylock | 78.110.173.136:443 |
| 2014-05-15 21:18:12 | 24f94e7a108e5d8d06225ad3f00845c6 | 22/52 (42.31%)
| Shylock | 78.110.173.136:443 |
| 2014-05-15 21:18:12 | 24f94e7a108e5d8d06225ad3f00845c6 | 22/52 (42.31%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 16:09:53 | ab5d0698bc811139e362c3e716cc8da4 | 9/53 (16.98%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 16:09:53 | ab5d0698bc811139e362c3e716cc8da4 | 9/53 (16.98%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 14:23:18 | a0ecc4c84337ec2d44bc3e83ebb62e73 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 14:23:18 | a0ecc4c84337ec2d44bc3e83ebb62e73 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 13:09:06 | 8b35f5a91f55bbea448a62e931161164 | 21/52 (40.38%)
| Shylock | 78.110.173.136:443 |
| 2014-05-13 13:09:06 | 8b35f5a91f55bbea448a62e931161164 | 21/52 (40.38%)
| Shylock | 78.110.173.136:443 |
| 2014-05-12 20:40:37 | 7cebaf55e479f483b41956f3d36615f6 | 27/52 (51.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-12 20:40:37 | 7cebaf55e479f483b41956f3d36615f6 | 27/52 (51.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-11 19:57:22 | 313af570f6dbea5ae365aaf6e273f948 | 22/53 (41.51%)
| Shylock | 78.110.173.136:443 |
| 2014-05-11 19:57:22 | 313af570f6dbea5ae365aaf6e273f948 | 22/53 (41.51%)
| Shylock | 78.110.173.136:443 |
| 2014-05-11 19:18:20 | f0f560757c521747f61e341529c0784d | 15/53 (28.30%)
| Shylock | 78.110.173.136:443 |
| 2014-05-11 19:18:20 | f0f560757c521747f61e341529c0784d | 15/53 (28.30%)
| Shylock | 78.110.173.136:443 |
| 2014-05-10 10:41:07 | 361876be67f3c98d4ce7fb0d833f399d | 16/51 (31.37%)
| Shylock | 78.110.173.136:443 |
| 2014-05-10 10:41:07 | 361876be67f3c98d4ce7fb0d833f399d | 16/51 (31.37%)
| Shylock | 78.110.173.136:443 |
| 2014-05-09 08:39:37 | d04ddef244da5d72f2882d0c69240664 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-09 08:39:37 | d04ddef244da5d72f2882d0c69240664 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-08 01:23:05 | a6f6a1ca2ae01a123fd956aff042fdd6 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-08 01:23:05 | a6f6a1ca2ae01a123fd956aff042fdd6 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-05-07 18:43:50 | 48ece6a32f813a4117105b8f12d5e1f6 | 15/52 (28.85%)
| Shylock | 78.110.173.136:443 |
| 2014-05-07 18:43:50 | 48ece6a32f813a4117105b8f12d5e1f6 | 15/52 (28.85%)
| Shylock | 78.110.173.136:443 |
| 2014-05-05 08:05:44 | 22d3d55fa19f668b456d9937022c3b6e | 17/51 (33.33%)
| Shylock | 78.110.173.136:443 |
| 2014-05-05 08:05:44 | 22d3d55fa19f668b456d9937022c3b6e | 17/51 (33.33%)
| Shylock | 78.110.173.136:443 |
| 2014-05-04 15:37:02 | adab04ffb3c90edf2b2a7ff7d0bc1e9a | 36/57 (63.16%)
| Shylock | 78.110.173.136:443 |
| 2014-05-04 15:37:02 | adab04ffb3c90edf2b2a7ff7d0bc1e9a | 36/57 (63.16%)
| Shylock | 78.110.173.136:443 |
| 2014-05-03 08:54:25 | 6d37687d3fec5ffcf3e1665c8515ea65 | 2/52 (3.85%)
| Shylock | 78.110.173.136:443 |
| 2014-05-03 08:54:25 | 6d37687d3fec5ffcf3e1665c8515ea65 | 2/52 (3.85%)
| Shylock | 78.110.173.136:443 |
| 2014-05-02 19:09:29 | 5b0a7ae383dd269f0c204f58bceeee0d | 16/52 (30.77%)
| Shylock | 78.110.173.136:443 |
| 2014-05-02 19:09:29 | 5b0a7ae383dd269f0c204f58bceeee0d | 16/52 (30.77%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 12:58:50 | 4ad5cd3688cbb5d914116485e873d219 | 19/52 (36.54%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 12:58:50 | 4ad5cd3688cbb5d914116485e873d219 | 19/52 (36.54%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 11:17:48 | 689cd169a4271fca2b36d98ef53fe27b | 3/38 (7.89%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 11:17:48 | 689cd169a4271fca2b36d98ef53fe27b | 3/38 (7.89%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 10:27:19 | 0305b67b9c288250c8bab325b8897828 | 4/51 (7.84%)
| Shylock | 78.110.173.136:443 |
| 2014-05-01 10:27:19 | 0305b67b9c288250c8bab325b8897828 | 4/51 (7.84%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 22:58:42 | 75bece4ecaf08c67a76bff54fe38750b | 29/54 (53.70%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 22:58:42 | 75bece4ecaf08c67a76bff54fe38750b | 29/54 (53.70%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 13:52:27 | 7e8554fd87d1c41c5d426ee0374a732c | 25/54 (46.30%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 13:52:27 | 7e8554fd87d1c41c5d426ee0374a732c | 25/54 (46.30%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 02:05:08 | 92d73f2f6e69a3d9a4cdc9ebabdd958f | 27/54 (50.00%)
| Shylock | 78.110.173.136:443 |
| 2014-04-30 02:05:08 | 92d73f2f6e69a3d9a4cdc9ebabdd958f | 27/54 (50.00%)
| Shylock | 78.110.173.136:443 |
| 2014-04-29 16:25:42 | bf50a3ff0a9261e059ccb27583185f08 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-04-29 16:25:42 | bf50a3ff0a9261e059ccb27583185f08 | 2/51 (3.92%)
| Shylock | 78.110.173.136:443 |
| 2014-04-29 10:39:00 | 65ea8bc43cdbc6c5166271591f78963b | 4/52 (7.69%)
| Shylock | 78.110.173.136:443 |
| 2014-04-29 10:39:00 | 65ea8bc43cdbc6c5166271591f78963b | 4/52 (7.69%)
| Shylock | 78.110.173.136:443 |
| 2014-04-27 22:49:00 | d07aa4e622ba7bd6337aaa746581cdfa | 11/52 (21.15%)
| Shylock | 78.110.173.136:443 |
| 2014-04-27 22:49:00 | d07aa4e622ba7bd6337aaa746581cdfa | 11/52 (21.15%)
| Shylock | 78.110.173.136:443 |
| 2014-04-27 14:08:58 | ee72bed66025214a0a26496536ef64ee | 20/51 (39.22%)
| Shylock | 78.110.173.136:443 |
| 2014-04-27 14:08:58 | ee72bed66025214a0a26496536ef64ee | 20/51 (39.22%)
| Shylock | 78.110.173.136:443 |
# of entries: 66 (max: 100)