SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 99d76bc2abd334b383167edf35dce11f2241aae4.

Database Entry


SHA1 Fingerprint:99d76bc2abd334b383167edf35dce11f2241aae4
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-05-22 18:18:25 UTC
Last seen:2016-06-10 14:36:29 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-06-02 07:58:58
Malware samples:11
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-06-10 14:36:29fe9b3adfafa056c9e6c48ca564f96563Virustotal results 5/57 (8.77%) Shylock 148.100.111.208:80
2016-06-09 17:12:58da930409f8546d2736b49250d9cb7256Virustotal results 4/57 (7.02%) Shylock 148.100.111.208:80
2016-06-08 18:59:0229db6bd75651c0498bdcd0da0b85f969Virustotal results 10/57 (17.54%) Gootkit 148.100.111.208:80
2016-06-08 02:15:098f1da5fdc25f56eea0b2931ecd4bfa15n/aGootkit 148.100.111.208:80
2016-06-07 19:57:27de2fcbb041cff9ab482943ae722ce024n/aShylock 148.100.111.208:80
2016-06-04 04:18:586540c87db9de97e7f3d23a74cb9a2199Virustotal results 10/57 (17.54%) Gootkit 148.100.111.208:80
2016-06-03 22:29:36ab977126a56b8458354357e8f80b532cVirustotal results 12/57 (21.05%) Gootkit 148.100.111.208:80
2016-06-02 22:48:380575030ccf9b9ffa126c36126945de50Virustotal results 6/57 (10.53%) Gootkit 148.100.111.208:80
2016-06-02 07:32:24419a52906a23d49eacd6ee9cf111e48dVirustotal results 34/57 (59.65%) Gootkit 148.100.111.208:80
2016-05-27 10:42:506ff7ebec05c80df56ad3c2c0092fa32aVirustotal results 23/55 (41.82%) Gootkit 148.100.111.208:80
2016-05-22 18:18:250171b6c7bdeb7f3ae5976c99f87b81baVirustotal results 31/57 (54.39%) Shylock 148.100.111.208:80

# of entries: 11 (max: 100)