SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b21eb5fc2f3aa11e5d9ff643a5b3c2ce70f8b250.

Database Entry

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2014-07-27 21:17:40	bb45bc6538809e4ab45b5f0b7af3d3b0	21/54 (38.89%)	Shylock	140.117.170.107:443
2014-07-27 21:17:40	bb45bc6538809e4ab45b5f0b7af3d3b0	21/54 (38.89%)	Shylock	140.117.170.107:443
2014-07-26 14:29:00	b4b85925969612d6761944514550efaa	20/54 (37.04%)	Shylock	140.117.170.107:443
2014-07-26 14:29:00	b4b85925969612d6761944514550efaa	20/54 (37.04%)	Shylock	140.117.170.107:443
2014-07-14 09:35:36	9a8e992c1f3c5e9d713aa18e643e4368	25/54 (46.30%)	Shylock	140.117.170.107:443
2014-07-14 09:35:36	9a8e992c1f3c5e9d713aa18e643e4368	25/54 (46.30%)	Shylock	140.117.170.107:443
2014-07-13 22:36:11	227155e7b833069226c5bc0a2a3a28a1	30/53 (56.60%)	Shylock	140.117.170.107:443
2014-07-13 22:36:11	227155e7b833069226c5bc0a2a3a28a1	30/53 (56.60%)	Shylock	140.117.170.107:443
2014-07-13 10:48:17	92b9c11ef5d5ff4addfa507def7c3a55	35/54 (64.81%)	Shylock	140.117.170.107:443
2014-07-13 10:48:17	92b9c11ef5d5ff4addfa507def7c3a55	35/54 (64.81%)	Shylock	140.117.170.107:443
2014-07-12 21:40:45	479afe856618af51a00e9d511037f7c8	23/54 (42.59%)	Shylock	140.117.170.107:443
2014-07-12 21:40:45	479afe856618af51a00e9d511037f7c8	23/54 (42.59%)	Shylock	140.117.170.107:443
2014-07-12 19:28:26	585dd1f11bb4c325f8e715c3dbbd54d7	20/54 (37.04%)	Shylock	140.117.170.107:443
2014-07-12 19:28:26	585dd1f11bb4c325f8e715c3dbbd54d7	20/54 (37.04%)	Shylock	140.117.170.107:443

# of entries: 14 (max: 100)