SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 849079a5855a6b6d50728445d1261bf3e8885bef.

Database Entry

SHA1 Fingerprint:849079a5855a6b6d50728445d1261bf3e8885bef
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-04-30 22:58:42 UTC
Last seen:2014-05-05 14:33:09 UTC
Listing reason:Shylock C&C
Listing date:2014-05-04 08:24:32
Malware samples:6
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-05-05 14:33:09e74cb79a70b3bacd5d8d73d5b00e2093Virustotal results 18/52 (34.62%) Shylock
2014-05-05 11:35:547352cc0d306845de1fcc1e6e82d76654Virustotal results 1/51 (1.96%) Shylock
2014-05-05 08:05:4422d3d55fa19f668b456d9937022c3b6eVirustotal results 17/51 (33.33%) Shylock
2014-05-03 20:01:04d02d14ea97cab9dd6ca9e3abcb94ef9fVirustotal results 20/52 (38.46%) Shylock
2014-05-03 01:09:10e4f4162b0a10ab9acdd5c66739d90e7cVirustotal results 38/57 (66.67%) Shylock
2014-04-30 22:58:4275bece4ecaf08c67a76bff54fe38750bVirustotal results 29/54 (53.70%) Shylock

# of entries: 6 (max: 100)