SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint d34ad02fa23233b6493e363d6337e8358d9747d7.

Database Entry


SHA1 Fingerprint:d34ad02fa23233b6493e363d6337e8358d9747d7
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLS 1.2
First seen:2017-01-22 17:06:20 UTC
Last seen:2019-07-27 15:34:49 UTC
Status:Blacklisted
Listing reason:Malware C&C
Listing date:2019-07-27 15:16:06
Malware samples:5
Botnet C&Cs:5

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2019-07-27 15:34:49080a7e7fd37cd77ae8f7a6a9d6fac2faVirustotal results 25/70 (35.71%) Gozi 197.255.225.249:443
2019-07-27 13:09:51e3ba45266ca7a29d2a1d3e0822387d9cVirustotal results 23/66 (34.85%) ArkeiStealer188.227.212.233:443
2019-07-25 11:05:46f7584aac9b0fc59d8b9d7c834cb85cf1Virustotal results 24/69 (34.78%) Gozi 37.75.34.239:443
2017-03-02 07:17:03c134e23679d17fdfcfb2a0cebd3f7119n/aKovter95.68.112.253:443
2017-01-22 17:06:20426c6263b0cef93bb39183ac7104d3can/aKovter31.13.163.72:443

# of entries: 5 (max: 100)