SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b21eb5fc2f3aa11e5d9ff643a5b3c2ce70f8b250.

Database Entry


SHA1 Fingerprint:b21eb5fc2f3aa11e5d9ff643a5b3c2ce70f8b250
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:SSLv3
First seen:2014-07-12 19:28:26 UTC
Last seen:2014-07-27 21:17:40 UTC
Status:Blacklisted
Listing reason:Shylock C&C
Listing date:2014-07-13 08:00:01
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2014-07-27 21:17:40bb45bc6538809e4ab45b5f0b7af3d3b0Virustotal results 21/54 (38.89%) Shylock 140.117.170.107:443
2014-07-26 14:29:00b4b85925969612d6761944514550efaaVirustotal results 20/54 (37.04%) Shylock 140.117.170.107:443
2014-07-14 09:35:369a8e992c1f3c5e9d713aa18e643e4368Virustotal results 25/54 (46.30%) Shylock 140.117.170.107:443
2014-07-13 22:36:11227155e7b833069226c5bc0a2a3a28a1Virustotal results 30/53 (56.60%) Shylock 140.117.170.107:443
2014-07-13 10:48:1792b9c11ef5d5ff4addfa507def7c3a55Virustotal results 35/54 (64.81%) Shylock 140.117.170.107:443
2014-07-12 21:40:45479afe856618af51a00e9d511037f7c8Virustotal results 23/54 (42.59%) Shylock 140.117.170.107:443
2014-07-12 19:28:26585dd1f11bb4c325f8e715c3dbbd54d7Virustotal results 20/54 (37.04%) Shylock 140.117.170.107:443

# of entries: 7 (max: 100)