SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b08a4939fb88f375a2757eaddc47b1fb8b554439.

Database Entry


SHA1 Fingerprint:b08a4939fb88f375a2757eaddc47b1fb8b554439
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-05-04 03:46:33 UTC
Last seen:2014-05-13 08:19:41 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-05-04 08:09:56
Malware samples:11
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-05-13 08:19:41821f1a38c283a18754b6990a93aefda5Virustotal results 20/52 (38.46%) Shylock 198.61.231.19:443
2014-05-12 04:07:318562a49d4d6f3b4c1c0dbc8614509568Virustotal results 5/52 (9.62%) Shylock 198.61.231.19:443
2014-05-12 01:51:000965d869ff5fd221e2eb4da3e0d5d7b4Virustotal results 2/52 (3.85%) Shylock 198.61.231.19:443
2014-05-11 22:32:12ecd01357797485d3d61397723f68feb4Virustotal results 3/52 (5.77%) Shylock 198.61.231.19:443
2014-05-11 12:37:57915cd4b8a99c9fee9d6061c50bceca68Virustotal results 28/53 (52.83%) Shylock 198.61.231.19:443
2014-05-09 09:14:4051f603cb7afc197e58ca30597b87dbb6Virustotal results 2/52 (3.85%) Shylock 198.61.231.19:443
2014-05-08 13:42:219d18d9fe764f1fa6f192b22d5ffa413aVirustotal results 2/50 (4.00%) Shylock 198.61.231.19:443
2014-05-08 09:33:05bdc1398c1c39f0bf21090eb9c96a39f2Virustotal results 4/38 (10.53%) Shylock 198.61.231.19:443
2014-05-08 01:23:05a6f6a1ca2ae01a123fd956aff042fdd6Virustotal results 2/51 (3.92%) Shylock 198.61.231.19:443
2014-05-05 08:23:359498a0c3b7a18acfdc0640a1c75b45caVirustotal results 32/53 (60.38%) Shylock 198.61.231.19:443
2014-05-04 03:46:33429c581313a5f678335745279076dd2dVirustotal results 22/52 (42.31%) Shylock 198.61.231.19:443

# of entries: 11 (max: 100)