SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 05946f5e7664d0843055003be6aa635d6c69243b.
Database Entry
| SHA1 Fingerprint: | 05946f5e7664d0843055003be6aa635d6c69243b |
|---|---|
| Certificate Common Name (CN): | divinemarketplace.com |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLS 1.2 |
| First seen: | 2018-11-13 16:25:05 UTC |
| Last seen: | 2018-11-21 17:51:14 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2018-11-22 09:07:32 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2018-11-21 17:51:14 | cef0079d9d6e88bfe4efd1b66519321f |  11/68 (16.18%)
| Gozi | 185.159.129.100:443 |
| 2018-11-21 17:51:14 | cef0079d9d6e88bfe4efd1b66519321f | 11/68 (16.18%)
| Gozi | 185.159.129.100:443 |
| 2018-11-15 10:47:38 | 842fe65bd1063b005809b5cd0c5413ff | 7/68 (10.29%)
| Gozi | 185.159.129.100:443 |
| 2018-11-15 10:47:38 | 842fe65bd1063b005809b5cd0c5413ff | 7/68 (10.29%)
| Gozi | 185.159.129.100:443 |
| 2018-11-13 22:43:58 | d6281c3c157a6ffe3f38968b088f462e | 7/67 (10.45%)
| Gozi | 185.159.129.100:443 |
| 2018-11-13 22:43:58 | d6281c3c157a6ffe3f38968b088f462e | 7/67 (10.45%)
| Gozi | 185.159.129.100:443 |
| 2018-11-13 16:25:05 | c6f8652e0930dc912c6d1fa08b08383b | 10/65 (15.38%)
| Gozi | 185.159.129.100:443 |
| 2018-11-13 16:25:05 | c6f8652e0930dc912c6d1fa08b08383b | 10/65 (15.38%)
| Gozi | 185.159.129.100:443 |
# of entries: 8 (max: 100)