SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b3ff91c310bf2b6873c90bfc870806ef4eaec49a.

Database Entry

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2014-05-16 18:59:48	0c0ba7da3f9e053e76ce56c751071ded	29/53 (54.72%)	Shylock	37.123.99.15:443
2014-05-16 18:59:48	0c0ba7da3f9e053e76ce56c751071ded	29/53 (54.72%)	Shylock	37.123.99.15:443
2014-05-16 03:09:34	61573941e9ff02c771e0ff393703ca50	29/52 (55.77%)	Shylock	37.123.99.15:443
2014-05-16 03:09:34	61573941e9ff02c771e0ff393703ca50	29/52 (55.77%)	Shylock	37.123.99.15:443
2014-05-15 05:59:03	dc7011f12fc8e64325f6d4f5b52b29b9	n/a	Shylock	37.123.99.15:443
2014-05-15 05:59:03	dc7011f12fc8e64325f6d4f5b52b29b9	n/a	Shylock	37.123.99.15:443
2014-05-13 14:23:18	a0ecc4c84337ec2d44bc3e83ebb62e73	2/51 (3.92%)	Shylock	37.123.99.15:443
2014-05-13 14:23:18	a0ecc4c84337ec2d44bc3e83ebb62e73	2/51 (3.92%)	Shylock	37.123.99.15:443
2014-05-13 08:19:41	821f1a38c283a18754b6990a93aefda5	20/52 (38.46%)	Shylock	37.123.99.15:443
2014-05-13 08:19:41	821f1a38c283a18754b6990a93aefda5	20/52 (38.46%)	Shylock	37.123.99.15:443
2014-05-12 04:07:31	8562a49d4d6f3b4c1c0dbc8614509568	5/52 (9.62%)	Shylock	37.123.99.15:443
2014-05-12 04:07:31	8562a49d4d6f3b4c1c0dbc8614509568	5/52 (9.62%)	Shylock	37.123.99.15:443
2014-05-10 14:46:18	be33a982459d6828a4e455663bff4a6d	22/53 (41.51%)	Shylock	37.123.99.15:443
2014-05-10 14:46:18	be33a982459d6828a4e455663bff4a6d	22/53 (41.51%)	Shylock	37.123.99.15:443
2014-05-10 10:20:46	bf71238a25998315f5027ffa1b6a2b04	n/a	Shylock	37.123.99.15:443
2014-05-10 10:20:46	bf71238a25998315f5027ffa1b6a2b04	n/a	Shylock	37.123.99.15:443
2014-05-09 08:39:37	d04ddef244da5d72f2882d0c69240664	2/51 (3.92%)	Shylock	37.123.99.15:443
2014-05-09 08:39:37	d04ddef244da5d72f2882d0c69240664	2/51 (3.92%)	Shylock	37.123.99.15:443
2014-05-07 15:22:46	89bccc2cc1940728c17bca3f4f39f8ac	26/52 (50.00%)	Shylock	37.123.99.15:443
2014-05-07 15:22:46	89bccc2cc1940728c17bca3f4f39f8ac	26/52 (50.00%)	Shylock	37.123.99.15:443
2014-05-07 10:39:24	5ca01c8f26c1a6e6c6af71a330a7fb2c	6/52 (11.54%)	Shylock	37.123.99.15:443
2014-05-07 10:39:24	5ca01c8f26c1a6e6c6af71a330a7fb2c	6/52 (11.54%)	Shylock	37.123.99.15:443
2014-05-07 10:29:31	cf996af0a46b3e014b841c6dee33b29b	14/51 (27.45%)	Shylock	37.123.99.15:443
2014-05-07 10:29:31	cf996af0a46b3e014b841c6dee33b29b	14/51 (27.45%)	Shylock	37.123.99.15:443
2014-05-07 09:31:44	e5940f0ec7cbe177d6e8c82abea85a87	18/52 (34.62%)	Shylock	37.123.99.15:443
2014-05-07 09:31:44	e5940f0ec7cbe177d6e8c82abea85a87	18/52 (34.62%)	Shylock	37.123.99.15:443
2014-05-05 14:19:43	ccff80f30ae93f58464d41b2694659cf	13/52 (25.00%)	Shylock	37.123.99.15:443
2014-05-05 14:19:43	ccff80f30ae93f58464d41b2694659cf	13/52 (25.00%)	Shylock	37.123.99.15:443
2014-05-05 06:36:04	8f5cb962b5582508b423e99ba48a5546	1/52 (1.92%)	Shylock	37.123.99.15:443
2014-05-05 06:36:04	8f5cb962b5582508b423e99ba48a5546	1/52 (1.92%)	Shylock	37.123.99.15:443
2014-05-04 19:23:38	b40f77595c702c596bf9db24125ffbc7	7/51 (13.73%)	Shylock	37.123.99.15:443
2014-05-04 19:23:38	b40f77595c702c596bf9db24125ffbc7	7/51 (13.73%)	Shylock	37.123.99.15:443
2014-05-02 19:09:29	5b0a7ae383dd269f0c204f58bceeee0d	16/52 (30.77%)	Shylock	37.123.99.15:443
2014-05-02 19:09:29	5b0a7ae383dd269f0c204f58bceeee0d	16/52 (30.77%)	Shylock	37.123.99.15:443
2014-04-30 14:40:44	57e5929bcac4b198538512cafe6fb2f5	19/52 (36.54%)	Shylock	37.123.99.15:443
2014-04-30 14:40:44	57e5929bcac4b198538512cafe6fb2f5	19/52 (36.54%)	Shylock	37.123.99.15:443
2014-04-30 03:47:56	61604991a6519da75a0a576bb797bf01	2/51 (3.92%)	Shylock	37.123.99.15:443
2014-04-30 03:47:56	61604991a6519da75a0a576bb797bf01	2/51 (3.92%)	Shylock	37.123.99.15:443

# of entries: 38 (max: 100)