SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a838ffd695033908b3a3f0bad7653c38edceebb4.

Database Entry


SHA1 Fingerprint: a838ffd695033908b3a3f0bad7653c38edceebb4
Certificate Common Name (CN): www.oj7i7ldi.com/O=5fa5g66r./C=US
Issuer Distinguished Name (DN): www.oj7i7ldi.com/O=5fa5g66r./C=US
TLS Version: TLSv1
First seen: 2015-11-09 20:20:23 UTC
Last seen: 2015-11-14 00:07:04 UTC
Status: Blacklisted
Listing reason: Gootkit C&C
Listing date: 2015-11-10 10:02:09
Malware samples: 10
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.


# of entries: 10 (max: 100)