SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a82dd258544acf0a109296493421262397741db7.

Database Entry


SHA1 Fingerprint:a82dd258544acf0a109296493421262397741db7
Certificate Common Name (CN):google.com/emailAddress=web@google.com
Issuer Distinguished Name (DN):google.com/emailAddress=web@google.com
TLS Version:TLS 1.2
First seen:2016-12-26 23:22:36 UTC
Last seen:2016-12-29 13:27:14 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-12-28 10:03:54
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-12-29 13:27:1404deb0ebae39b261a58df442553f3b96n/aGootkit 94.177.175.55:80
2016-12-28 14:32:190dda0592354ca3ae26269fac3cafe9d4n/aGootkit 94.177.175.55:80
2016-12-28 10:52:01c869ba2a4a26c1b50b724590b3086356Virustotal results 39/57 (68.42%) Gootkit 94.177.175.55:80
2016-12-28 05:49:187018014d96e283789e3438b956181ff4Virustotal results 33/56 (58.93%) Gootkit 94.177.175.55:80
2016-12-27 11:14:24e982bb966976eee81a531be3a90435ben/aGootkit 94.177.175.55:80
2016-12-27 08:41:174c6710464f6f688522f81f64832b9f1aVirustotal results 32/57 (56.14%) Gootkit 94.177.175.55:80
2016-12-27 03:20:1265ad4ad49eff82a7265a453f2f56d8d9Virustotal results 36/56 (64.29%) Gootkit 94.177.175.55:80
2016-12-26 23:22:3623aafa647eef370ecad77d4bbb43f68fVirustotal results 33/57 (57.89%) Gootkit 94.177.175.55:80

# of entries: 8 (max: 100)