SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 01be746568576d7aeceec8ee6d0749f1260cd686.

Database Entry

SHA1 Fingerprint:	01be746568576d7aeceec8ee6d0749f1260cd686
Certificate Common Name (CN):	*
Issuer Distinguished Name (DN):	*
TLS Version:	TLS 1.2
First seen:	2018-03-11 15:44:24 UTC
Last seen:	2018-03-22 11:40:52 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2018-03-22 16:12:02
Malware samples:	6
Botnet C&Cs:	2

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-03-22 11:40:52	ec2d94a0695330cecff56c86897498ed	34/65 (52.31%)	Gozi	5.63.158.236:443
2018-03-22 11:40:52	ec2d94a0695330cecff56c86897498ed	34/65 (52.31%)	Gozi	5.63.158.236:443
2018-03-19 13:32:57	fcf53476c655730bf3486983be218455	45/67 (67.16%)	Gozi	5.63.158.236:443
2018-03-19 13:32:57	fcf53476c655730bf3486983be218455	45/67 (67.16%)	Gozi	5.63.158.236:443
2018-03-16 13:40:31	87168e6481cd48167296c901fd10e276	34/67 (50.75%)	Gozi	5.63.158.236:443
2018-03-16 13:40:31	87168e6481cd48167296c901fd10e276	34/67 (50.75%)	Gozi	5.63.158.236:443
2018-03-14 19:49:53	e9c16ccd0cf290c26b22fc27c90ecd37	39/67 (58.21%)	Gozi	5.63.158.236:443
2018-03-14 19:49:53	e9c16ccd0cf290c26b22fc27c90ecd37	39/67 (58.21%)	Gozi	5.63.158.236:443
2018-03-12 08:51:35	1f3b50ab41238b313be057d59de474c5	36/65 (55.38%)	Gozi	5.63.158.236:443
2018-03-12 08:51:35	1f3b50ab41238b313be057d59de474c5	36/65 (55.38%)	Gozi	5.63.158.236:443
2018-03-11 15:44:24	d97a5c4c4f56178220c7271acc4b2617	14/68 (20.59%)	Gozi	134.0.115.63:443
2018-03-11 15:44:24	d97a5c4c4f56178220c7271acc4b2617	14/68 (20.59%)	Gozi	134.0.115.63:443

# of entries: 12 (max: 100)