SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 01be746568576d7aeceec8ee6d0749f1260cd686.

Database Entry


SHA1 Fingerprint:01be746568576d7aeceec8ee6d0749f1260cd686
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2018-03-11 15:44:24 UTC
Last seen:2018-03-22 11:40:52 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-03-22 16:12:02
Malware samples:6
Botnet C&Cs:2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-03-22 11:40:52ec2d94a0695330cecff56c86897498edVirustotal results 34/65 (52.31%) Gozi 5.63.158.236:443
2018-03-19 13:32:57fcf53476c655730bf3486983be218455Virustotal results 45/67 (67.16%) Gozi 5.63.158.236:443
2018-03-16 13:40:3187168e6481cd48167296c901fd10e276Virustotal results 34/67 (50.75%) Gozi 5.63.158.236:443
2018-03-14 19:49:53e9c16ccd0cf290c26b22fc27c90ecd37Virustotal results 39/67 (58.21%) Gozi 5.63.158.236:443
2018-03-12 08:51:351f3b50ab41238b313be057d59de474c5Virustotal results 36/65 (55.38%) Gozi 5.63.158.236:443
2018-03-11 15:44:24d97a5c4c4f56178220c7271acc4b2617Virustotal results 14/68 (20.59%) Gozi 134.0.115.63:443

# of entries: 6 (max: 100)