SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 92b2686b8f007b93772bfdde74bdcbd82d4643cc.

Database Entry


SHA1 Fingerprint:92b2686b8f007b93772bfdde74bdcbd82d4643cc
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-08-12 09:28:58 UTC
Last seen:2016-08-27 14:52:57 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-08-23 15:40:38
Malware samples:11
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-08-27 14:52:5713ac579452350b4ba39065d871111a0bVirustotal results 34/57 (59.65%) Gootkit 5.157.38.50:80
2016-08-27 03:22:5942febb3d30b5d69a99e7249e8aebc6a4n/aGootkit 5.157.38.50:80
2016-08-27 00:49:51e74c9ac7dcebee76552792f781dd4cdeVirustotal results 30/58 (51.72%) Gootkit 5.157.38.50:80
2016-08-25 19:53:213fd24132b832b1b6c5fa0a567f121a7fn/aGootkit 5.157.38.50:80
2016-08-24 07:04:00d1bb868738dd3492790326403520c47bVirustotal results 31/58 (53.45%) Gootkit 5.157.38.50:80
2016-08-20 06:32:241148f233c1ce9a9dbbc68dada52d5686n/aGootkit 5.157.38.50:80
2016-08-19 23:30:35197fb3c8a9620e6fe810c8855b17cebbVirustotal results 42/57 (73.68%) Gootkit 5.157.38.50:80
2016-08-17 15:05:06a0de510cdcaf19d97263e9b966590e82n/aGootkit 5.157.38.50:80
2016-08-17 14:47:37c7e01ddf44be559e97f8b9067030f628n/aGootkit 5.157.38.50:80
2016-08-17 08:01:00a9d2fefd2e5e76e6eda692b7b9a262b8Virustotal results 10/52 (19.23%) Gootkit 5.157.38.50:80
2016-08-12 09:28:58e0ba0855094fc685f3a52f3faf1f73b4n/aGootkit 5.157.38.50:80

# of entries: 11 (max: 100)