SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c8bfc445d133d9c3a6e4606f105e0dd8b19948a3.

Database Entry


SHA1 Fingerprint:c8bfc445d133d9c3a6e4606f105e0dd8b19948a3
Certificate Common Name (CN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
Issuer Distinguished Name (DN):www.__RANDOM_STR_.com/O=__RANDOM_STR_./C=US
TLS Version:TLS 1.2
First seen:2016-12-01 02:44:51 UTC
Last seen:2016-12-02 16:31:18 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-12-01 16:32:49
Malware samples:12
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-12-02 16:31:180aa60f5495f9a1ee2afd13505884044bVirustotal results 28/53 (52.83%) Gootkit 89.40.124.71:80
2016-12-02 07:13:506d7742ae0cf5b8ede6e4df2aa9c6e6edn/aGootkit 89.40.124.71:80
2016-12-02 04:07:34e4ea2ba6d2b30996be815cd93dbd4213n/aGootkit 89.40.124.71:80
2016-12-02 02:32:136f910a9897008f76fc354dd44876dd35n/aGootkit 89.40.124.71:80
2016-12-01 20:01:0586ea927564b581eee722c1bf4f4c6c92n/aGootkit 89.40.124.71:80
2016-12-01 19:57:24962190b662f1f000a21338c9d2a0bb0an/aGootkit 89.40.124.71:80
2016-12-01 18:45:09fde75bee96d1d4197957db941f3e7734n/aGootkit 89.40.124.71:80
2016-12-01 14:03:49d0e671e5a833954db6b36765e13cd95fn/aGootkit 89.40.124.71:80
2016-12-01 13:49:256c3c28b34109a0937769832fe0fa8faan/aGootkit 89.40.124.71:80
2016-12-01 08:27:14a0d3438aab87fb696a6e98b500100128Virustotal results 26/57 (45.61%) Gootkit 89.40.124.71:80
2016-12-01 06:16:48b823750504930088e3e714aee8edee6cVirustotal results 31/57 (54.39%) Gootkit 89.40.124.71:80
2016-12-01 02:44:527a0d3c34f64e914da9525dd1152cd971Virustotal results 25/57 (43.86%) Gootkit 89.40.124.71:80

# of entries: 12 (max: 100)