SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint eb528589e1b42305c6780a059609b89b9079b7f7.
Database Entry
| SHA1 Fingerprint: | eb528589e1b42305c6780a059609b89b9079b7f7 |
|---|---|
| Certificate Common Name (CN): | www.hd4bcsor.com/O=hd4bcsor./C=US |
| Issuer Distinguished Name (DN): | www.hd4bcsor.com/O=hd4bcsor./C=US |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-09-01 10:56:55 UTC |
| Last seen: | 2016-09-03 18:21:31 UTC |
| Status: | Blacklisted |
| Listing reason: | Gootkit C&C |
| Listing date: | 2016-09-02 08:34:30 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-09-03 18:21:31 | 14a63ee2d65ec1b7200dc2b6d48932aa |  37/58 (63.79%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-03 18:21:31 | 14a63ee2d65ec1b7200dc2b6d48932aa | 37/58 (63.79%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-02 03:41:23 | da56c0cd09f9fc4d34fccd1e45dd9289 | 34/57 (59.65%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-02 03:41:23 | da56c0cd09f9fc4d34fccd1e45dd9289 | 34/57 (59.65%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-01 21:48:47 | 583b7cdd1cfb8f3d7ebc6011ae900f05 | 31/57 (54.39%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-01 21:48:47 | 583b7cdd1cfb8f3d7ebc6011ae900f05 | 31/57 (54.39%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-01 10:56:55 | de15aa9a7aefd24ff0839cab20b91a08 | 42/57 (73.68%)
| Gootkit | 198.98.112.144:80 |
| 2016-09-01 10:56:55 | de15aa9a7aefd24ff0839cab20b91a08 | 42/57 (73.68%)
| Gootkit | 198.98.112.144:80 |
# of entries: 8 (max: 100)