SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 86bca833e8c2805625a0b90a0facc45c7f198f56.

Database Entry


SHA1 Fingerprint:86bca833e8c2805625a0b90a0facc45c7f198f56
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-06-26 15:02:19 UTC
Last seen:2014-07-01 08:09:03 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-06-26 17:34:23
Malware samples:48
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-07-01 08:09:03b42e4384ac9a7b8db9b776fb3c349db0Virustotal results 22/54 (40.74%) Shylock 23.89.188.42:443
2014-06-29 06:56:15ae962cf8a2d1b2d2d96fe876b87ae727Virustotal results 21/54 (38.89%) Shylock 23.89.188.42:443
2014-06-29 06:14:58ac6db4f295f1ecdc27af5956d383bef6Virustotal results 21/54 (38.89%) Shylock 23.89.188.42:443
2014-06-29 05:09:36a91b39353f4b1184d477d883413fd0b2Virustotal results 24/54 (44.44%) 23.89.188.42:443
2014-06-28 21:55:07a2fc094e828cf80cff989d6b3c57c8e7Virustotal results 34/53 (64.15%) Shylock 23.89.188.42:443
2014-06-28 16:40:58a14c00868ccf2055513d34e91d30ca25Virustotal results 31/54 (57.41%) Shylock 23.89.188.42:443
2014-06-28 16:17:15a13642e2ad8ebf26b9b8d7306e83cb49Virustotal results 22/54 (40.74%) 23.89.188.42:443
2014-06-28 11:04:3990d953be6a814b521ef4197e94775dbeVirustotal results 32/53 (60.38%) Shylock 23.89.188.42:443
2014-06-28 09:56:5586b5d49ffef1e79da0cabcc2a8e7b35aVirustotal results 17/54 (31.48%) Shylock 23.89.188.42:443
2014-06-28 08:18:31c7335bfbd52295936c57ae37956ce075Virustotal results 12/54 (22.22%) Shylock 23.89.188.42:443
2014-06-28 07:47:132099d27b0866d35d024b7bda7278871bVirustotal results 31/54 (57.41%) Shylock 23.89.188.42:443
2014-06-28 07:39:0713bf9988b7db0f6b5c6df0966ce179b6Virustotal results 29/54 (53.70%) 23.89.188.42:443
2014-06-28 07:02:49c003d0cbf4ab2ca365f3ce4a8371b2a7Virustotal results 4/49 (8.16%) Shylock 23.89.188.42:443
2014-06-28 05:36:2936f88de2931eb238d487298af7653172Virustotal results 28/54 (51.85%) Shylock 23.89.188.42:443
2014-06-28 04:43:03573bdb8e4c4469457fe3f38d3f47e7d0Virustotal results 1/49 (2.04%) 23.89.188.42:443
2014-06-28 03:53:26e42b63c6b823daa592601e84d10b644bVirustotal results 2/53 (3.77%) 23.89.188.42:443
2014-06-28 03:13:193466b72cb85131945088f8719d4abc81Virustotal results 28/54 (51.85%) Shylock 23.89.188.42:443
2014-06-28 01:55:5678677caef6d2b5eef9d18fd3f9e9d47fVirustotal results 22/53 (41.51%) 23.89.188.42:443
2014-06-28 01:43:22e95ebe6e0880a3671d36db7be2b959f7Virustotal results 32/55 (58.18%) 23.89.188.42:443
2014-06-28 01:16:03fbc421bbf925679181435a00514de22eVirustotal results 19/54 (35.19%) Shylock 23.89.188.42:443
2014-06-28 01:10:2160931f684ada0f63b01b91c42dfc0962Virustotal results 24/54 (44.44%) Shylock 23.89.188.42:443
2014-06-28 00:49:3726f12e5a888812dff5566b22bfe173dcVirustotal results 14/54 (25.93%) Shylock 23.89.188.42:443
2014-06-28 00:22:270105aaa2a29d51f6fe31c284a2c8e9a9Virustotal results 25/54 (46.30%) Shylock 23.89.188.42:443
2014-06-27 23:21:337ddd34c2f5f010b8672bc19da4616154Virustotal results 19/54 (35.19%) Shylock 23.89.188.42:443
2014-06-27 23:10:502b6fab77a7ef9174f72f9fc29a51100dVirustotal results 30/54 (55.56%) Shylock 23.89.188.42:443
2014-06-27 22:49:15ea0086c610bcd2cda59860a924934727Virustotal results 22/54 (40.74%) Shylock 23.89.188.42:443
2014-06-27 22:48:32e79b2a72ba890f6b8b2c7d6e7e4f6f4aVirustotal results 27/54 (50.00%) 23.89.188.42:443
2014-06-27 22:31:2052e9041ce02d28739852b04411ef5b99Virustotal results 34/53 (64.15%) 23.89.188.42:443
2014-06-27 21:59:066f3239d72cc0e4eb70bbdc594defcac0Virustotal results 30/54 (55.56%) 23.89.188.42:443
2014-06-27 21:50:17f0e124b9a8ad06b25d915273e0897897Virustotal results 8/54 (14.81%) Shylock 23.89.188.42:443
2014-06-27 20:33:28ec36a2efb3b348687a47b14d5d43b618Virustotal results 24/53 (45.28%) Shylock 23.89.188.42:443
2014-06-27 12:18:13c934d1d3055777f9fb53286b80bdf5f9Virustotal results 2/54 (3.70%) Shylock 23.89.188.42:443
2014-06-27 10:30:1898a9ee8d9de53e11cfaa340983ee2458Virustotal results 34/54 (62.96%) Shylock 23.89.188.42:443
2014-06-27 10:16:5295f3a44f7319e2f4187c9e0ac2eaaef3Virustotal results 25/54 (46.30%) 23.89.188.42:443
2014-06-27 09:53:4291659c03d61c2e3046acac05afbe27bdVirustotal results 23/53 (43.40%) 23.89.188.42:443
2014-06-27 09:23:26d7c92bba5c971046f13af93750ca4a5eVirustotal results 5/53 (9.43%) Shylock 23.89.188.42:443
2014-06-27 06:43:280157c17a8a0c21a435020709ccd1be0dVirustotal results 21/53 (39.62%) ZeuS 23.89.188.42:443
2014-06-27 06:26:00585f740472c6dd86ed22d3355d15f29aVirustotal results 28/54 (51.85%) Shylock 23.89.188.42:443
2014-06-27 05:07:32f1fa8ad9f56d5814b664c65356a62d2eVirustotal results 7/54 (12.96%) Shylock 23.89.188.42:443
2014-06-27 03:54:0401f3e04bb97603983abd4f10e9e423ffVirustotal results 22/54 (40.74%) Shylock 23.89.188.42:443
2014-06-27 03:38:2872fc85b1cfd104d99a84b070ca09cee5Virustotal results 27/54 (50.00%) Shylock 23.89.188.42:443
2014-06-27 02:07:19455b23ec7277dd5d2ce6071013fefb95Virustotal results 20/53 (37.74%) Shylock 23.89.188.42:443
2014-06-27 00:04:377a5864883d7412b607868743650a6e5cVirustotal results 25/54 (46.30%) Shylock 23.89.188.42:443
2014-06-26 22:46:55facbe15d5ace2c9c540b092aeccd10a0Virustotal results 26/54 (48.15%) Shylock 23.89.188.42:443
2014-06-26 19:44:42485d50b5e553eb927975b43406b80973Virustotal results 36/54 (66.67%) Shylock 23.89.188.42:443
2014-06-26 19:37:125d9aa2c8b52fa22c24874987fabe2a9fVirustotal results 9/54 (16.67%) Shylock 23.89.188.42:443
2014-06-26 19:25:043fcb8946770adb60dd2ea10fed5caae1Virustotal results 19/54 (35.19%) Shylock 23.89.188.42:443
2014-06-26 15:02:194a65b3f98a678a6c00f54f7844a61d65Virustotal results 30/54 (55.56%) Shylock 23.89.188.42:443

# of entries: 48 (max: 100)