SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5cd739986ad9cf128d4bad0317dcd0ab81c2cf2b.

Database Entry


SHA1 Fingerprint:5cd739986ad9cf128d4bad0317dcd0ab81c2cf2b
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-04-23 19:30:25 UTC
Last seen:2016-04-26 14:38:31 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-04-26 13:09:16
Malware samples:10
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-04-26 14:38:31678ae0560a0d7f04e12f9f5558c2ac91n/aGootkit 95.183.53.68:80
2016-04-26 12:10:498912b81b7a69b3e51f20026321bbae7an/aGootkit 95.183.53.68:80
2016-04-26 06:25:3539d9d134a3de7a95ea3c3efeaf44a606n/aGootkit 95.183.53.68:80
2016-04-26 04:08:18ded8485aa4897694e2c5720046d953b1n/aGootkit 95.183.53.68:80
2016-04-26 00:47:094b5d6a251c76008ae25efec1b8d10c24n/aGootkit 95.183.53.68:80
2016-04-25 20:25:45377cac57b960a8cb16fe4ab0f3193833Virustotal results 21/56 (37.50%) Gootkit 95.183.53.68:80
2016-04-25 09:35:35096c915bd7f636453d904e6631eaff33n/aGootkit 95.183.53.68:80
2016-04-25 04:32:324b24a48b7520237befc7c988280d3a8dVirustotal results 13/56 (23.21%) Gootkit 95.183.53.68:80
2016-04-24 18:21:51cfe165d97f523d812491fabf31a64fedn/aGootkit 95.183.53.68:80
2016-04-23 19:30:33e4a69c7fa0eba60d8386d36838a2fc7dn/aGootkit 95.183.53.68:80

# of entries: 10 (max: 100)