SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5afc236d1dd00c9c45457b75226b501b815a59c7.

Database Entry


SHA1 Fingerprint:5afc236d1dd00c9c45457b75226b501b815a59c7
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-04-27 14:08:58 UTC
Last seen:2014-05-28 08:28:22 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-05-04 08:10:26
Malware samples:33
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-05-28 08:28:2274e820fce3f86a3a49a48466c8004594Virustotal results 27/52 (51.92%) Shylock 78.110.173.136:443
2014-05-28 03:08:53287646980817333edbabec08b47c7c65Virustotal results 31/53 (58.49%) 78.110.173.136:443
2014-05-27 12:12:33109f04a6038e0630bbd1ef6603e18109Virustotal results 20/53 (37.74%) Shylock 78.110.173.136:443
2014-05-25 05:33:05b3e8fa07ce77e6715684a69bef79d668Virustotal results 5/53 (9.43%) Shylock 78.110.173.136:443
2014-05-23 07:00:3092fe02e7ca059f70a0d29396146364bdVirustotal results 14/51 (27.45%) 78.110.173.136:443
2014-05-22 09:18:5462226c61a0cb4e05b77c16284b99c9d4Virustotal results 26/53 (49.06%) Shylock 78.110.173.136:443
2014-05-20 14:41:550a0a579a529cb77f08994570769a1957Virustotal results 34/52 (65.38%) Shylock 78.110.173.136:443
2014-05-15 22:32:27774898eef93fa73173fc1368d3786858Virustotal results 32/52 (61.54%) Shylock 78.110.173.136:443
2014-05-15 21:18:1224f94e7a108e5d8d06225ad3f00845c6Virustotal results 22/52 (42.31%) Shylock 78.110.173.136:443
2014-05-13 16:09:53ab5d0698bc811139e362c3e716cc8da4Virustotal results 9/53 (16.98%) Shylock 78.110.173.136:443
2014-05-13 14:23:18a0ecc4c84337ec2d44bc3e83ebb62e73Virustotal results 2/51 (3.92%) Shylock 78.110.173.136:443
2014-05-13 13:09:068b35f5a91f55bbea448a62e931161164Virustotal results 21/52 (40.38%) Shylock 78.110.173.136:443
2014-05-12 20:40:377cebaf55e479f483b41956f3d36615f6Virustotal results 27/52 (51.92%) Shylock 78.110.173.136:443
2014-05-11 19:57:22313af570f6dbea5ae365aaf6e273f948Virustotal results 22/53 (41.51%) Shylock 78.110.173.136:443
2014-05-11 19:18:20f0f560757c521747f61e341529c0784dVirustotal results 15/53 (28.30%) Shylock 78.110.173.136:443
2014-05-10 10:41:07361876be67f3c98d4ce7fb0d833f399dVirustotal results 16/51 (31.37%) Shylock 78.110.173.136:443
2014-05-09 08:39:37d04ddef244da5d72f2882d0c69240664Virustotal results 2/51 (3.92%) Shylock 78.110.173.136:443
2014-05-08 01:23:05a6f6a1ca2ae01a123fd956aff042fdd6Virustotal results 2/51 (3.92%) Shylock 78.110.173.136:443
2014-05-07 18:43:5048ece6a32f813a4117105b8f12d5e1f6Virustotal results 15/52 (28.85%) Shylock 78.110.173.136:443
2014-05-05 08:05:4422d3d55fa19f668b456d9937022c3b6eVirustotal results 17/51 (33.33%) Shylock 78.110.173.136:443
2014-05-04 15:37:02adab04ffb3c90edf2b2a7ff7d0bc1e9aVirustotal results 36/57 (63.16%) Shylock 78.110.173.136:443
2014-05-03 08:54:256d37687d3fec5ffcf3e1665c8515ea65Virustotal results 2/52 (3.85%) Shylock 78.110.173.136:443
2014-05-02 19:09:295b0a7ae383dd269f0c204f58bceeee0dVirustotal results 16/52 (30.77%) Shylock 78.110.173.136:443
2014-05-01 12:58:504ad5cd3688cbb5d914116485e873d219Virustotal results 19/52 (36.54%) Shylock 78.110.173.136:443
2014-05-01 11:17:48689cd169a4271fca2b36d98ef53fe27bVirustotal results 3/38 (7.89%) Shylock 78.110.173.136:443
2014-05-01 10:27:190305b67b9c288250c8bab325b8897828Virustotal results 4/51 (7.84%) Shylock 78.110.173.136:443
2014-04-30 22:58:4275bece4ecaf08c67a76bff54fe38750bVirustotal results 29/54 (53.70%) Shylock 78.110.173.136:443
2014-04-30 13:52:277e8554fd87d1c41c5d426ee0374a732cVirustotal results 25/54 (46.30%) Shylock 78.110.173.136:443
2014-04-30 02:05:0892d73f2f6e69a3d9a4cdc9ebabdd958fVirustotal results 27/54 (50.00%) Shylock 78.110.173.136:443
2014-04-29 16:25:42bf50a3ff0a9261e059ccb27583185f08Virustotal results 2/51 (3.92%) Shylock 78.110.173.136:443
2014-04-29 10:39:0065ea8bc43cdbc6c5166271591f78963bVirustotal results 4/52 (7.69%) Shylock 78.110.173.136:443
2014-04-27 22:49:00d07aa4e622ba7bd6337aaa746581cdfaVirustotal results 11/52 (21.15%) Shylock 78.110.173.136:443
2014-04-27 14:08:58ee72bed66025214a0a26496536ef64eeVirustotal results 20/51 (39.22%) Shylock 78.110.173.136:443

# of entries: 33 (max: 100)