SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 776384c49cc893139b680fa92da82a11d754a25f.
Database Entry
| SHA1 Fingerprint: | 776384c49cc893139b680fa92da82a11d754a25f |
|---|---|
| Certificate Common Name (CN): | localhost |
| Issuer Distinguished Name (DN): | localhost |
| TLS Version: | TLSv1 |
| First seen: | 2016-07-11 11:48:22 UTC |
| Last seen: | 2016-07-19 00:11:24 UTC |
| Status: | Blacklisted |
| Listing reason: | Gootkit C&C |
| Listing date: | 2016-07-12 06:56:59 |
| Malware samples: | 14 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-07-19 00:11:24 | 7ce7ba6d88d146e7cd49f28d246781b4 |  27/53 (50.94%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-19 00:11:24 | 7ce7ba6d88d146e7cd49f28d246781b4 | 27/53 (50.94%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-18 21:14:08 | aee6f32fd236fd820535c4a4aef131c0 | 18/54 (33.33%)
| Shylock | 112.20.178.110:80 |
| 2016-07-18 21:14:08 | aee6f32fd236fd820535c4a4aef131c0 | 18/54 (33.33%)
| Shylock | 112.20.178.110:80 |
| 2016-07-18 15:17:02 | 6271a3455e1e2e65d312dcff2bea2048 | 34/57 (59.65%)
| Shylock | 112.20.178.110:80 |
| 2016-07-18 15:17:02 | 6271a3455e1e2e65d312dcff2bea2048 | 34/57 (59.65%)
| Shylock | 112.20.178.110:80 |
| 2016-07-18 04:35:42 | 4e16f5aeb8caf95fe2399e072b6df103 | 30/55 (54.55%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-18 04:35:42 | 4e16f5aeb8caf95fe2399e072b6df103 | 30/55 (54.55%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-18 02:46:44 | 5ddb9c4439a98e210c706cece4c9624f | n/a | Shylock | 112.20.178.110:80 |
| 2016-07-18 02:46:44 | 5ddb9c4439a98e210c706cece4c9624f | n/a | Shylock | 112.20.178.110:80 |
| 2016-07-18 01:05:47 | feeaefdfe1ceaf976e447be4e45d37e2 | 19/54 (35.19%)
| Shylock | 112.20.178.110:80 |
| 2016-07-18 01:05:47 | feeaefdfe1ceaf976e447be4e45d37e2 | 19/54 (35.19%)
| Shylock | 112.20.178.110:80 |
| 2016-07-16 18:56:52 | 0e67f3476b472e6c70f634aca7bb891c | 41/57 (71.93%)
| Shylock | 112.20.178.110:80 |
| 2016-07-16 18:56:52 | 0e67f3476b472e6c70f634aca7bb891c | 41/57 (71.93%)
| Shylock | 112.20.178.110:80 |
| 2016-07-16 18:20:32 | 213e23f09801ad5deee69db524763d5b | n/a | Shylock | 112.20.178.110:80 |
| 2016-07-16 18:20:32 | 213e23f09801ad5deee69db524763d5b | n/a | Shylock | 112.20.178.110:80 |
| 2016-07-16 18:15:35 | 774e1d9f9e2b2a7bcbb921aced97937b | n/a | Gootkit | 112.20.178.110:80 |
| 2016-07-16 18:15:35 | 774e1d9f9e2b2a7bcbb921aced97937b | n/a | Gootkit | 112.20.178.110:80 |
| 2016-07-15 09:49:15 | 8028430d6855109f64de7481143e3766 | 23/55 (41.82%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-15 09:49:15 | 8028430d6855109f64de7481143e3766 | 23/55 (41.82%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-12 09:42:17 | feb5553828a4a4da1490c8c95319388f | n/a | Gootkit | 112.20.178.110:80 |
| 2016-07-12 09:42:17 | feb5553828a4a4da1490c8c95319388f | n/a | Gootkit | 112.20.178.110:80 |
| 2016-07-12 08:51:41 | 9d29646b640057e598fa48335aa520f6 | 28/54 (51.85%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-12 08:51:41 | 9d29646b640057e598fa48335aa520f6 | 28/54 (51.85%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-11 14:43:37 | 87a60d3b09619e6480175a33a77fad61 | 36/55 (65.45%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-11 14:43:37 | 87a60d3b09619e6480175a33a77fad61 | 36/55 (65.45%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-11 11:48:22 | 0c3fd79f7565ae56ba2db92eeb8a4ed2 | 15/55 (27.27%)
| Gootkit | 112.20.178.110:80 |
| 2016-07-11 11:48:22 | 0c3fd79f7565ae56ba2db92eeb8a4ed2 | 15/55 (27.27%)
| Gootkit | 112.20.178.110:80 |
# of entries: 28 (max: 100)