SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 73d8ec1f29195ef2d9e0b618e72f3c80c0ac6ba7.

Database Entry


SHA1 Fingerprint:73d8ec1f29195ef2d9e0b618e72f3c80c0ac6ba7
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-08-02 15:47:32 UTC
Last seen:2016-08-05 09:54:46 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-08-05 08:02:57
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-08-05 09:54:46e4a268129c2df30a14c388a2c9d355e5n/aShylock 31.44.189.100:80
2016-08-05 00:21:252722a1c53c51f704e0b8836cc85c2cf7n/aShylock 31.44.189.100:80
2016-08-04 13:03:3633beec260e624b443af10c26201a8061n/aGootkit 31.44.189.100:80
2016-08-04 05:44:3489d228400fe4dc05fb83abd8ecb99573n/aShylock 31.44.189.100:80
2016-08-03 18:54:59b0371d2458b0606eafacc9ddb0b49934n/aShylock 31.44.189.100:80
2016-08-03 18:00:44b0ecfd2699ca04695f17f9e79ac518d3n/aShylock 31.44.189.100:80
2016-08-02 19:10:544d1c865756c036dcfe6593efa7c2a3a0n/aShylock 31.44.189.100:80
2016-08-02 15:47:324377be526e08e1b0ef9751f20b994951n/aShylock 31.44.189.100:80

# of entries: 8 (max: 100)