SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 19fc51f0a4181e610b6187a522a15aef7b56ed33.

Database Entry

SHA1 Fingerprint:	19fc51f0a4181e610b6187a522a15aef7b56ed33
Certificate Common Name (CN):	billdixononline.com
Issuer Distinguished Name (DN):	Let's Encrypt Authority X3
TLS Version:	TLS 1.2
First seen:	2018-12-06 23:12:15 UTC
Last seen:	2018-12-09 12:01:49 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2018-12-10 13:02:29
Malware samples:	35
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-12-09 12:01:49	2deb64e6c155d01e5d0b57fe55cda143	8/69 (11.59%)	Gozi	46.29.160.188:443
2018-12-09 12:01:49	2deb64e6c155d01e5d0b57fe55cda143	8/69 (11.59%)	Gozi	46.29.160.188:443
2018-12-08 14:00:21	07ba262dc595cb93755c34d0c2d9f97a	15/69 (21.74%)	Gozi	46.29.160.188:443
2018-12-08 14:00:21	07ba262dc595cb93755c34d0c2d9f97a	15/69 (21.74%)	Gozi	46.29.160.188:443
2018-12-07 10:19:45	ed27a78d80c65fa0cf761bbd58148ed3	13/68 (19.12%)	Gozi	46.29.160.188:443
2018-12-07 10:19:45	ed27a78d80c65fa0cf761bbd58148ed3	13/68 (19.12%)	Gozi	46.29.160.188:443
2018-12-07 10:09:28	ed62468c368cd540db898f07fb538b8b	30/60 (50.00%)	Gozi	46.29.160.188:443
2018-12-07 10:09:28	ed62468c368cd540db898f07fb538b8b	30/60 (50.00%)	Gozi	46.29.160.188:443
2018-12-07 09:59:39	eacc1541a766e5eea35c103f64b153b3	n/a	Gozi	46.29.160.188:443
2018-12-07 09:59:39	eacc1541a766e5eea35c103f64b153b3	n/a	Gozi	46.29.160.188:443
2018-12-07 09:43:42	dd4b23a94fae3ba0b33554c17569a7ce	n/a	Gozi	46.29.160.188:443
2018-12-07 09:43:42	dd4b23a94fae3ba0b33554c17569a7ce	n/a	Gozi	46.29.160.188:443
2018-12-07 09:26:25	f5a36047fbe053f85a93205a3684c3ff	n/a	Gozi	46.29.160.188:443
2018-12-07 09:26:25	f5a36047fbe053f85a93205a3684c3ff	n/a	Gozi	46.29.160.188:443
2018-12-07 09:23:25	eaf1c432c89aaa9becddbeef3643fa7d	n/a	Gozi	46.29.160.188:443
2018-12-07 09:23:25	eaf1c432c89aaa9becddbeef3643fa7d	n/a	Gozi	46.29.160.188:443
2018-12-07 09:14:22	fdd555ba958f770084ddb39c5563111b	n/a	Gozi	46.29.160.188:443
2018-12-07 09:14:22	fdd555ba958f770084ddb39c5563111b	n/a	Gozi	46.29.160.188:443
2018-12-07 08:33:49	e1e2946210e9241d1ee55430469228e9	n/a	Gozi	46.29.160.188:443
2018-12-07 08:33:49	e1e2946210e9241d1ee55430469228e9	n/a	Gozi	46.29.160.188:443
2018-12-07 07:35:05	db009122bbf9b86b0d726c42e6cd1d18	n/a	Gozi	46.29.160.188:443
2018-12-07 07:35:05	db009122bbf9b86b0d726c42e6cd1d18	n/a	Gozi	46.29.160.188:443
2018-12-07 07:09:45	0f7c477ec2ae694e2507c3bcea1dbdca	37/61 (60.66%)	Gozi	46.29.160.188:443
2018-12-07 07:09:45	0f7c477ec2ae694e2507c3bcea1dbdca	37/61 (60.66%)	Gozi	46.29.160.188:443
2018-12-07 07:07:44	fed8145b79ceccd8264df5558a282ecb	38/54 (70.37%)	Gozi	46.29.160.188:443
2018-12-07 07:07:44	fed8145b79ceccd8264df5558a282ecb	38/54 (70.37%)	Gozi	46.29.160.188:443
2018-12-07 07:03:43	fc2bbfe36289265535c5f1c1236e4910	n/a	Gozi	46.29.160.188:443
2018-12-07 07:03:43	fc2bbfe36289265535c5f1c1236e4910	n/a	Gozi	46.29.160.188:443
2018-12-07 06:15:18	d3301e402c406c944a3a481a2e3e0c14	n/a	Gozi	46.29.160.188:443
2018-12-07 06:15:18	d3301e402c406c944a3a481a2e3e0c14	n/a	Gozi	46.29.160.188:443
2018-12-07 05:34:10	f1e5762b39e93757129bf47f957c2114	n/a	Gozi	46.29.160.188:443
2018-12-07 05:34:10	f1e5762b39e93757129bf47f957c2114	n/a	Gozi	46.29.160.188:443
2018-12-07 05:30:23	f67e15c81f2b5a73097c58394c0d284f	n/a	Gozi	46.29.160.188:443
2018-12-07 05:30:23	f67e15c81f2b5a73097c58394c0d284f	n/a	Gozi	46.29.160.188:443
2018-12-07 05:06:06	1ad358e235f9a49684b7c7118e6b1560	36/69 (52.17%)	Gozi	46.29.160.188:443
2018-12-07 05:06:06	1ad358e235f9a49684b7c7118e6b1560	36/69 (52.17%)	Gozi	46.29.160.188:443
2018-12-07 05:02:30	d6d6ed5abab372c026fcccace1c88c1a	n/a	Gozi	46.29.160.188:443
2018-12-07 05:02:30	d6d6ed5abab372c026fcccace1c88c1a	n/a	Gozi	46.29.160.188:443
2018-12-07 04:28:20	f5d42f522be2cf8f0085b9665ecab465	n/a	Gozi	46.29.160.188:443
2018-12-07 04:28:20	f5d42f522be2cf8f0085b9665ecab465	n/a	Gozi	46.29.160.188:443
2018-12-07 04:21:41	d5e30c42e0acea001845b59983fb9ca7	n/a	Gozi	46.29.160.188:443
2018-12-07 04:21:41	d5e30c42e0acea001845b59983fb9ca7	n/a	Gozi	46.29.160.188:443
2018-12-07 03:36:52	f73c0e911a88836b5d32b3353a60e540	n/a	Gozi	46.29.160.188:443
2018-12-07 03:36:52	f73c0e911a88836b5d32b3353a60e540	n/a	Gozi	46.29.160.188:443
2018-12-07 01:58:42	cf85238e34e42713944b61372aed7221	n/a	Gozi	46.29.160.188:443
2018-12-07 01:58:42	cf85238e34e42713944b61372aed7221	n/a	Gozi	46.29.160.188:443
2018-12-07 01:18:53	f8aa8917d858b40df29ad6f110edca52	35/60 (58.33%)	Gozi	46.29.160.188:443
2018-12-07 01:18:53	f8aa8917d858b40df29ad6f110edca52	35/60 (58.33%)	Gozi	46.29.160.188:443
2018-12-07 01:16:24	f650319e7b09c14561b8b2755e39de6d	n/a	Gozi	46.29.160.188:443
2018-12-07 01:16:24	f650319e7b09c14561b8b2755e39de6d	n/a	Gozi	46.29.160.188:443
2018-12-07 01:07:29	f93d39e9beaa80cf9de1b92d196a5846	n/a	Gozi	46.29.160.188:443
2018-12-07 01:07:29	f93d39e9beaa80cf9de1b92d196a5846	n/a	Gozi	46.29.160.188:443
2018-12-07 01:03:35	d030c69029f89de03003b6b0b1951c36	n/a	Gozi	46.29.160.188:443
2018-12-07 01:03:35	d030c69029f89de03003b6b0b1951c36	n/a	Gozi	46.29.160.188:443
2018-12-07 00:57:18	d0eb0ee639b455c97ccf85be61b020c7	n/a	Gozi	46.29.160.188:443
2018-12-07 00:57:18	d0eb0ee639b455c97ccf85be61b020c7	n/a	Gozi	46.29.160.188:443
2018-12-07 00:45:34	d53c815766d13245245b19f713015082	n/a	Gozi	46.29.160.188:443
2018-12-07 00:45:34	d53c815766d13245245b19f713015082	n/a	Gozi	46.29.160.188:443
2018-12-07 00:05:34	d69c8af8dd90d126a3cf5ca1aa778d7a	22/58 (37.93%)	Gozi	46.29.160.188:443
2018-12-07 00:05:34	d69c8af8dd90d126a3cf5ca1aa778d7a	22/58 (37.93%)	Gozi	46.29.160.188:443
2018-12-07 00:04:28	fe5eb0dbbe8c964bc508d00aedbb1e32	n/a	Gozi	46.29.160.188:443
2018-12-07 00:04:28	fe5eb0dbbe8c964bc508d00aedbb1e32	n/a	Gozi	46.29.160.188:443
2018-12-06 23:49:01	e40739269541a59826a846a1393d21bc	n/a	Gozi	46.29.160.188:443
2018-12-06 23:49:01	e40739269541a59826a846a1393d21bc	n/a	Gozi	46.29.160.188:443
2018-12-06 23:33:59	dee293ff6371afe64b9c0a99141cc2ec	n/a	Gozi	46.29.160.188:443
2018-12-06 23:33:59	dee293ff6371afe64b9c0a99141cc2ec	n/a	Gozi	46.29.160.188:443
2018-12-06 23:33:00	f70cab12ea0246c19ced6defb4446201	n/a	Gozi	46.29.160.188:443
2018-12-06 23:33:00	f70cab12ea0246c19ced6defb4446201	n/a	Gozi	46.29.160.188:443
2018-12-06 23:12:15	efaec38d2e7980f1fbfe021059853921	37/53 (69.81%)	Gozi	46.29.160.188:443
2018-12-06 23:12:15	efaec38d2e7980f1fbfe021059853921	37/53 (69.81%)	Gozi	46.29.160.188:443

# of entries: 70 (max: 100)