SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 73ece1b64a6dc90a4de27d74884c57a67d8d09ef.

Database Entry


SHA1 Fingerprint:73ece1b64a6dc90a4de27d74884c57a67d8d09ef
Certificate Common Name (CN):www.r36m9529.com/O=r36m9529./C=US
Issuer Distinguished Name (DN):www.r36m9529.com/O=r36m9529./C=US
TLS Version:SSLv3
First seen:2015-12-20 11:54:10 UTC
Last seen:2015-12-21 15:34:04 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2015-12-21 06:43:14
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-12-21 15:34:046a6eb15b70a92b95717993944f1ed5b8Virustotal results 6/54 (11.11%) Gootkit 188.166.74.217:80
2015-12-20 16:00:3209ae0a183866616fd34850245e3e0493Virustotal results 3/54 (5.56%) Gootkit 188.166.74.217:80
2015-12-20 15:10:07914f01708648a2bf8ed250e927e633feVirustotal results 10/54 (18.52%) Gootkit 188.166.74.217:80
2015-12-20 12:05:370bca2469a63c6221beefa5af02a00b92Virustotal results 10/54 (18.52%) Gootkit 188.166.74.217:80
2015-12-20 11:54:1007e4ba7f7f97fa036801f18693d49a20Virustotal results 9/54 (16.67%) Gootkit 188.166.74.217:80

# of entries: 5 (max: 100)