SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b11e5db4da0a1eb419ec3d14443b10616daa0233.

Database Entry


SHA1 Fingerprint:b11e5db4da0a1eb419ec3d14443b10616daa0233
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-05-06 10:29:06 UTC
Last seen:2016-07-17 14:03:01 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2016-05-17 14:48:39
Malware samples:107
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-07-17 14:03:01a82f8c331c146be1204ec3d6559559ffn/aShylock 182.23.64.182:80
2016-07-17 07:16:33a12589aa541276920df09c8412d05a49Virustotal results 45/64 (70.31%) Shylock 182.23.64.182:80
2016-07-16 08:04:00fcd1d5b9ffdaa5d07d3c742237e3dd9en/aShylock 182.23.64.182:80
2016-07-16 07:34:287d1c89b6defff9956972379d0e2c57ean/aShylock 182.23.64.182:80
2016-07-15 23:50:03798853ead9bb0d5be4e277fbf8b20bf0n/aShylock 182.23.64.182:80
2016-07-15 18:16:5253592b6ca2d1d21075ba6795aef758d4n/aShylock 182.23.64.182:80
2016-07-15 18:12:2415366699c1ed224dc223d81d416cf6a2n/aShylock 182.23.64.182:80
2016-07-15 17:58:16cc5a3bb6e6f22fa91418ad5c32daa787n/aShylock 182.23.64.182:80
2016-07-15 16:56:30d9537e8bdfa2cea8858ff0d9a231258cn/aShylock 182.23.64.182:80
2016-07-15 15:49:0526fe94ee5424cf264b6b3b71147c22b7n/aShylock 182.23.64.182:80
2016-07-15 09:50:59d13f10754ac9f0d1cef40063262898c1n/aGootkit 182.23.64.182:80
2016-07-15 03:11:16d9fb4cb2ca5a854f9aa49659922ae5f8n/aShylock 182.23.64.182:80
2016-07-15 03:06:3029e0c558b756f37fe5ffff687e8e80ebn/aShylock 182.23.64.182:80
2016-07-15 01:44:4175bc09583b34920678a5021591afd848n/aGootkit 182.23.64.182:80
2016-07-13 20:47:05fda721d70b43dc8097a54a1f87dfc905n/aShylock 182.23.64.182:80
2016-07-12 20:05:364c053a3ae1561744c8502b99a250e9fcn/aGootkit 182.23.64.182:80
2016-07-11 17:30:46ac5c12e98f318f06641d08de56c03c80n/aShylock 182.23.64.182:80
2016-07-11 16:10:34428438e6ef97c37c864e24d9a201f0c9n/aShylock 182.23.64.182:80
2016-07-11 00:00:257ca306d0bba6989d146dddecdba37cd4n/aShylock 182.23.64.182:80
2016-07-10 18:44:071ef90a9093339e367ee047f22094c5een/aGootkit 182.23.64.182:80
2016-07-09 21:13:29666136fbce0ae9f7900bf8c2325bdeb5Virustotal results 13/55 (23.64%) Shylock 182.23.64.182:80
2016-07-09 20:35:22f307789a3f3d47137fffcb52b9fb78c3Virustotal results 5/54 (9.26%) Shylock 182.23.64.182:80
2016-07-09 18:56:0163551adfadf030e8685694008a6cb4ean/aShylock 182.23.64.182:80
2016-07-09 00:47:377d3f194c36c2e0a8445686e60e3890fbn/aShylock 182.23.64.182:80
2016-07-09 00:24:3295cd84cc0b8789751a831ac0b38e34e4Virustotal results 39/56 (69.64%) Gootkit 182.23.64.182:80
2016-07-08 17:24:37b85a700a096afd0e3628070f63df53b9Virustotal results 42/56 (75.00%) Shylock 182.23.64.182:80
2016-07-08 08:55:3527b5116c41c96fc2fc19117ba3fcc6c1Virustotal results 33/56 (58.93%) Shylock 182.23.64.182:80
2016-07-08 08:32:09e5310634668be867cb9ecc11c386ceban/aShylock 182.23.64.182:80
2016-07-07 11:14:39990f804a7123334f127093054082f0b4Virustotal results 41/57 (71.93%) Shylock 182.23.64.182:80
2016-07-07 01:18:1200fbc0d113685e97b08a329fbb24a3e0n/aShylock 182.23.64.182:80
2016-07-06 23:48:149b595e6485f36c3c1029bcd42d53b2a6n/aShylock 182.23.64.182:80
2016-07-05 22:41:08727cb6523af2d1513700a4cee03f353en/aShylock 182.23.64.182:80
2016-07-05 14:38:1753235a9f206d07c12bd99f04fd4f0948Virustotal results 36/56 (64.29%) Shylock 182.23.64.182:80
2016-07-05 09:29:41865edcca33631fa14d1e47ac0c2e8478Virustotal results 34/54 (62.96%) Shylock 182.23.64.182:80
2016-07-05 01:34:53e40c8c6f38328bcb1572e8fdd4e7aeban/aShylock 182.23.64.182:80
2016-07-04 19:30:390722628771a9503675cf73eb5cc444b0Virustotal results 53/67 (79.10%) Shylock 182.23.64.182:80
2016-07-04 06:27:19cb1221fe5b0d8a058d4753eb286a5770n/aShylock 182.23.64.182:80
2016-07-04 06:24:113721cab949ecbe42dd41000c19e36289n/aShylock 182.23.64.182:80
2016-07-04 04:22:454a1503211611a82e7083f981a442ab4fVirustotal results 4/53 (7.55%) Shylock 182.23.64.182:80
2016-07-04 02:08:563b271465d19c92384a666f7bddf2be4an/aShylock 182.23.64.182:80
2016-07-03 12:55:27150b9737af6dca8c437d2b058b9ed09dn/aShylock 182.23.64.182:80
2016-07-03 00:00:055ec1f9739a273367ecf404f7b5889acan/aShylock 182.23.64.182:80
2016-06-28 16:27:078226a0b961a4d65de33c68697ef24d87n/aShylock 182.23.64.182:80
2016-06-28 13:50:04d2d9015f3b1bcd7f017b8d5f25c407ban/aShylock 182.23.64.182:80
2016-06-27 20:42:51b92365b87c43e43242ea53aa40766642Virustotal results 33/56 (58.93%) Shylock 182.23.64.182:80
2016-06-21 05:45:595b93871b00699f51a41d2875d06e1abcVirustotal results 36/56 (64.29%) Shylock 182.23.64.182:80
2016-06-19 17:09:19a4dd32575301699387c0032a0c0a7bafVirustotal results 38/68 (55.88%) Shylock 182.23.64.182:80
2016-06-19 11:57:2143ac343f254ea6832155167bbf7c32b2n/aShylock 182.23.64.182:80
2016-06-17 19:44:12806a8388ec1c11f0ca7af275ee77d3f5n/aShylock 182.23.64.182:80
2016-06-17 13:09:180a4163bfd01ec76858f9c5b26a449207n/aGootkit 182.23.64.182:80
2016-06-17 12:32:36b1e08abea02a60c22547696f717e9222n/aShylock 182.23.64.182:80
2016-06-17 04:59:29963bdcd30c0dcacef83cee9e1bb17191n/aShylock 182.23.64.182:80
2016-06-16 15:16:40257f4c0e4d761a6f71233704f80b18d6Virustotal results 35/54 (64.81%) Shylock 182.23.64.182:80
2016-06-16 12:46:38d2a7a87357e1953bdee349c43f4cce4dVirustotal results 40/55 (72.73%) Shylock 182.23.64.182:80
2016-06-15 10:56:02dc3048ed4d6719458aaf5ac431207004n/aGootkit 182.23.64.182:80
2016-06-15 05:26:515e3dadadf447b8bef666f31d578ba4c4n/aGootkit 182.23.64.182:80
2016-06-14 03:40:02c7f587bd06c155e5264f5033240080bbn/aShylock 182.23.64.182:80
2016-06-12 22:56:57317f0d5987ad3ad4c9954a261496bb54n/aGootkit 182.23.64.182:80
2016-06-11 10:57:02dc72722c4a2816c38325c6a6ee2d0359n/aGootkit 182.23.64.182:80
2016-06-10 14:49:338218c66e387a720d1a29bb0479316a5fn/aGootkit 182.23.64.182:80
2016-06-10 06:06:27b94f8a0631f14a6b0497efe825ac99a5n/aGootkit 182.23.64.182:80
2016-06-09 12:17:29af05c4198b4e3eec483df28a4dcab2d3n/aGootkit 182.23.64.182:80
2016-06-09 10:21:2604453b8a43335fb25b6f683204f754dan/aGootkit 182.23.64.182:80
2016-06-08 21:16:31a7a48998f80a863db0c0180156ad4f91n/aGootkit 182.23.64.182:80
2016-06-08 13:47:20c3b8ee006da60c700e232cdf5f806bdeVirustotal results 36/57 (63.16%) Gootkit 182.23.64.182:80
2016-06-08 06:27:1116315c690dc72e2f2f27b1b30c19a205n/aGootkit 182.23.64.182:80
2016-06-04 16:43:5723a527333f0c8665b2990e0f623e3593n/aGootkit 182.23.64.182:80
2016-05-31 18:56:191b4fb7dcfd89d25e0a9c3786118283c3n/aGootkit 182.23.64.182:80
2016-05-31 15:32:147b432b46ba26e383abb127f8b7cc21ben/aGootkit 182.23.64.182:80
2016-05-31 08:24:52e4c8c8a94536b85565bd794bf0e42c1dn/aGootkit 182.23.64.182:80
2016-05-30 18:30:18e4fcbf163877e0aba24e9d51eb738fa6n/aGootkit 182.23.64.182:80
2016-05-29 23:41:36a0d29792b5b642dc2261f6196b2ae9c5n/aGootkit 182.23.64.182:80
2016-05-29 19:33:48ee51aa1c0c64f3f1a6845d29ffbb822fn/aGootkit 182.23.64.182:80
2016-05-29 03:48:366d91d38488255e01d28f53efd9dca7d6n/aGootkit 182.23.64.182:80
2016-05-28 15:28:53cb6705eb45888af6473c11e5f06d5891n/aGootkit 182.23.64.182:80
2016-05-27 13:32:222f973eab6ab3839db0884ecaa051e7bfn/aShylock 182.23.64.182:80
2016-05-27 09:28:08990ecf2a137d4900a371518892d07330Virustotal results 34/57 (59.65%) Shylock 182.23.64.182:80
2016-05-27 05:51:274c3614750885093ba35ad72b4e211466n/aGootkit 182.23.64.182:80
2016-05-27 00:09:27376b833f60b786277618614fbc0203b7n/aShylock 182.23.64.182:80
2016-05-26 11:29:520688583e442e6440c12acf1326f49e23n/aGootkit 182.23.64.182:80
2016-05-26 09:25:571f97e0631854030ad95cbf87f5c2b802n/aGootkit 182.23.64.182:80
2016-05-25 22:51:141fc2b5f8296bac04bf1c29807483f601n/aGootkit 182.23.64.182:80
2016-05-25 11:25:553116482a5ea5ef9ec48a477c4d3535efn/aGootkit 182.23.64.182:80
2016-05-25 06:24:15f3b70a6419905ec825f8d8917e3968b8n/aGootkit 182.23.64.182:80
2016-05-24 13:33:22359d2213de9266dc2b69e3fa2ad61504n/aGootkit 182.23.64.182:80
2016-05-23 06:57:4956cc2a98faa11f27255b098290e55ddcn/aGootkit 182.23.64.182:80
2016-05-23 06:57:44f9acdc831b07943bb2fcb44a16d714a3n/aGootkit 182.23.64.182:80
2016-05-22 21:45:58a357eb021726d02ca00bca6a7b08a3f1n/aGootkit 182.23.64.182:80
2016-05-21 12:34:14d96b2d7c6b67ee7779e1cfeac1bccf5en/aGootkit 182.23.64.182:80
2016-05-20 22:32:41b1c24a4e1aba8e6403be9f9ea2998f6an/aGootkit 182.23.64.182:80
2016-05-20 08:34:57af216d402049683f29cef594c1c9f97en/aGootkit 182.23.64.182:80
2016-05-20 04:33:3616a0051f5f4468844f8947634839f4d3n/aGootkit 182.23.64.182:80
2016-05-19 07:05:0378b45d62f8f26e032224a5794328e4b8n/aGootkit 182.23.64.182:80
2016-05-19 06:40:493e566f6b4eb67d33dd38ca41d6831b1fn/aGootkit 182.23.64.182:80
2016-05-17 15:45:47a7453376a2c50e3058dd34a7c70ab507Virustotal results 20/56 (35.71%) Gootkit 182.23.64.182:80
2016-05-17 13:01:50dd73e0eca3e83a59bbb4dbfcf5e70ac2n/aGootkit 182.23.64.182:80
2016-05-16 10:29:376cfce16bb91927022835159ec25d69a7n/aGootkit 182.23.64.182:80
2016-05-16 10:10:20e743412162b206b9c264e38317567a95n/aGootkit 182.23.64.182:80
2016-05-16 09:53:1321c8a75c7aa130fd2a4b5b1a97ea4d34n/aGootkit 182.23.64.182:80
2016-05-16 09:06:15a9d4d9e58df4999188ea67f1e30854d2Virustotal results 20/57 (35.09%) Gootkit 182.23.64.182:80

# of entries: 100 (max: 100)