SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 6798308190fb070536af19023ae89ba4bd54e9b6.

Database Entry


SHA1 Fingerprint:6798308190fb070536af19023ae89ba4bd54e9b6
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-04-27 14:08:58 UTC
Last seen:2014-05-04 18:30:47 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-05-04 08:24:28
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-05-04 18:30:47b276f408cb5bedf39e34e8d5706531e4Virustotal results 28/53 (52.83%) Shylock 162.213.24.51:443
2014-04-30 14:40:4457e5929bcac4b198538512cafe6fb2f5Virustotal results 19/52 (36.54%) Shylock 162.213.24.51:443
2014-04-27 14:08:580537ccdfe0bb1ffb4ad22f80bde86a2bVirustotal results 24/51 (47.06%) Shylock 162.213.24.51:443
2014-04-27 14:08:58169382c5ea0a6adff2540f9e98883f07Virustotal results 21/51 (41.18%) Shylock 162.213.24.51:443
2014-04-27 14:08:586599bdafaf842a7f129d2d5254323430Virustotal results 6/50 (12.00%) Shylock 162.213.24.51:443

# of entries: 5 (max: 100)