SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 05946f5e7664d0843055003be6aa635d6c69243b.

Database Entry


SHA1 Fingerprint:05946f5e7664d0843055003be6aa635d6c69243b
Certificate Common Name (CN):divinemarketplace.com
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2018-11-13 16:25:05 UTC
Last seen:2018-11-21 17:51:14 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-11-22 09:07:32
Malware samples:4
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-11-21 17:51:14cef0079d9d6e88bfe4efd1b66519321fVirustotal results 11/68 (16.18%) Gozi 185.159.129.100:443
2018-11-15 10:47:38842fe65bd1063b005809b5cd0c5413ffVirustotal results 7/68 (10.29%) Gozi 185.159.129.100:443
2018-11-13 22:43:58d6281c3c157a6ffe3f38968b088f462eVirustotal results 7/67 (10.45%) Gozi 185.159.129.100:443
2018-11-13 16:25:05c6f8652e0930dc912c6d1fa08b08383bVirustotal results 10/65 (15.38%) Gozi 185.159.129.100:443

# of entries: 4 (max: 100)