SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c05d8be1bb8db73d625e77e8de0cd6254a8f0d75.

Database Entry


SHA1 Fingerprint:c05d8be1bb8db73d625e77e8de0cd6254a8f0d75
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-09-13 20:32:36 UTC
Last seen:2016-09-18 02:45:11 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-09-15 15:45:48
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-09-18 02:45:1162489be0009213e8d076e29831c1966en/aGootkit 178.21.14.193:80
2016-09-16 14:08:536da4b84251c04ed4c9145ef9c524c6a7Virustotal results 35/57 (61.40%) Gootkit 178.21.14.193:80
2016-09-16 05:49:501d57b39e750d7ebf1b1442848c45e031Virustotal results 38/57 (66.67%) Gootkit 178.21.14.193:80
2016-09-15 20:38:516f75f354d9d012393f3c66840e084e1an/aGootkit 178.21.14.193:80
2016-09-15 06:11:4654292c870156a0fee994960d35c4cac8n/aGootkit 178.21.14.193:80
2016-09-15 00:42:28a31b112632ee6fd187ce8ba8c1d5fda8Virustotal results 45/57 (78.95%) Gootkit 178.21.14.193:80
2016-09-14 01:57:141c5df1a7bb7ee6e6842de23963438050Virustotal results 5/57 (8.77%) Gootkit 178.21.14.193:80
2016-09-13 20:32:36bd2dd865d401e5875be08a8d14e44111Virustotal results 29/57 (50.88%) Gootkit 178.21.14.193:80

# of entries: 8 (max: 100)