SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 97af5cc8e72796f4fae487044536958a8c6d68f6.

Database Entry


SHA1 Fingerprint:97af5cc8e72796f4fae487044536958a8c6d68f6
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-06-24 18:05:43 UTC
Last seen:2014-06-25 09:00:31 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-06-25 07:57:57
Malware samples:18
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-06-25 09:00:3129b2ac7756f5263926fd1389cf48a85fVirustotal results 31/54 (57.41%) Shylock 181.41.199.51:443
2014-06-25 07:29:43fc4d5fc760b53baec6d64c41292e99d3Virustotal results 26/53 (49.06%) Shylock 181.41.199.51:443
2014-06-25 07:28:4793083da42a3c3b5fd0d84a9c46887ef6Virustotal results 34/55 (61.82%) Shylock 181.41.199.51:443
2014-06-25 07:23:48a383e197f08956d7ba238d80c0f28c04Virustotal results 19/54 (35.19%) Shylock 181.41.199.51:443
2014-06-25 06:42:285c159dd0edb412894508ced0a3da1d65Virustotal results 22/53 (41.51%) Shylock 181.41.199.51:443
2014-06-25 06:11:4372d76d817dd1764be712295f75ac2ee2Virustotal results 3/54 (5.56%) Shylock 181.41.199.51:443
2014-06-25 05:55:36ef04ded64ad76627cabffc7252beb8a8Virustotal results 26/54 (48.15%) Shylock 181.41.199.51:443
2014-06-25 05:40:34341cfaf9ddefa2990b20115cc97c9e7cVirustotal results 18/53 (33.96%) Shylock 181.41.199.51:443
2014-06-25 05:12:142950848d501a4502527f2305189743f4Virustotal results 7/53 (13.21%) Shylock 181.41.199.51:443
2014-06-25 03:51:03826ac9cc831c11d1bc5af4d923a9a29fVirustotal results 8/54 (14.81%) Shylock 181.41.199.51:443
2014-06-25 02:14:09313aadf3a3daa3a26d1c3179923ac968Virustotal results 16/54 (29.63%) Shylock 181.41.199.51:443
2014-06-25 01:51:0417a3fb26849c80299a6f5fc5817212acVirustotal results 22/54 (40.74%) Shylock 181.41.199.51:443
2014-06-25 00:34:3162b42368249b6bea3e91542fccd23022Virustotal results 32/51 (62.75%) Shylock 181.41.199.51:443
2014-06-25 00:24:224a0ef84f018aabcccc47dd1f8cd52f24Virustotal results 1/53 (1.89%) Shylock 181.41.199.51:443
2014-06-24 23:24:286c1a5120738db8345dc553f15ca05030Virustotal results 27/53 (50.94%) Shylock 181.41.199.51:443
2014-06-24 21:21:32398465383003fa58c2fdb60255550782Virustotal results 39/55 (70.91%) Shylock 181.41.199.51:443
2014-06-24 20:27:1510fb6ca2d09da798a547a8e1d523d730Virustotal results 5/54 (9.26%) Shylock 181.41.199.51:443
2014-06-24 18:05:43bc65d0408a28268f6181dd5bba8ce3fbVirustotal results 29/54 (53.70%) Shylock 181.41.199.51:443

# of entries: 18 (max: 100)