SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 68dec51d9d27fdd6efc57bb5581b54243fb60aeb.

Database Entry


SHA1 Fingerprint: 68dec51d9d27fdd6efc57bb5581b54243fb60aeb
Certificate Common Name (CN): Bitrix/emailAddress=test@email.address
Issuer Distinguished Name (DN): Bitrix/emailAddress=test@email.address
TLS Version: TLS 1.2
First seen: 2016-08-14 14:05:25 UTC
Last seen: 2017-01-10 03:55:11 UTC
Status: Blacklisted
Listing reason: Malware C&C
Listing date: 2016-12-18 08:47:55
Malware samples: 22
Botnet C&Cs: 2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.


# of entries: 22 (max: 100)