SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 699ae29fd30a7723a696578b4b8ffe089ead8e9b.

Database Entry


SHA1 Fingerprint:699ae29fd30a7723a696578b4b8ffe089ead8e9b
Certificate Common Name (CN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
Issuer Distinguished Name (DN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
TLS Version:TLS 1.2
First seen:2016-12-16 19:27:07 UTC
Last seen:2016-12-17 19:50:23 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-12-17 08:53:08
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-12-17 19:50:236f8644ab094c71f729ced9a517739454n/aGootkit 149.56.201.67:80
2016-12-17 19:32:209b9d7332df57c2ba483617550e6cf711n/aGootkit 149.56.201.67:80
2016-12-17 16:58:43254232b70743076dd1cbb30987eacbafn/aGootkit 149.56.201.67:80
2016-12-17 05:51:48c1df3be6677c21f63443201b87920b5fVirustotal results 38/55 (69.09%) Gootkit 149.56.201.67:80
2016-12-17 03:48:22175b9457c7732b113ee810e70ea2ee9en/aGootkit 149.56.201.67:80
2016-12-16 19:27:07f87611e9da32c73cd3603ec04256ede0n/aGootkit 149.56.201.67:80

# of entries: 6 (max: 100)