SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 19fc51f0a4181e610b6187a522a15aef7b56ed33.

Database Entry


SHA1 Fingerprint:19fc51f0a4181e610b6187a522a15aef7b56ed33
Certificate Common Name (CN):billdixononline.com
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2018-12-06 23:12:15 UTC
Last seen:2018-12-09 12:01:49 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-12-10 13:02:29
Malware samples:35
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-12-09 12:01:492deb64e6c155d01e5d0b57fe55cda143Virustotal results 8/69 (11.59%) Gozi 46.29.160.188:443
2018-12-08 14:00:2107ba262dc595cb93755c34d0c2d9f97aVirustotal results 15/69 (21.74%) Gozi 46.29.160.188:443
2018-12-07 10:19:45ed27a78d80c65fa0cf761bbd58148ed3Virustotal results 13/68 (19.12%) Gozi 46.29.160.188:443
2018-12-07 10:09:28ed62468c368cd540db898f07fb538b8bn/aGozi 46.29.160.188:443
2018-12-07 09:59:39eacc1541a766e5eea35c103f64b153b3n/aGozi 46.29.160.188:443
2018-12-07 09:43:42dd4b23a94fae3ba0b33554c17569a7cen/aGozi 46.29.160.188:443
2018-12-07 09:26:25f5a36047fbe053f85a93205a3684c3ffn/aGozi 46.29.160.188:443
2018-12-07 09:23:25eaf1c432c89aaa9becddbeef3643fa7dn/aGozi 46.29.160.188:443
2018-12-07 09:14:22fdd555ba958f770084ddb39c5563111bn/aGozi 46.29.160.188:443
2018-12-07 08:33:49e1e2946210e9241d1ee55430469228e9n/aGozi 46.29.160.188:443
2018-12-07 07:35:05db009122bbf9b86b0d726c42e6cd1d18n/aGozi 46.29.160.188:443
2018-12-07 07:09:450f7c477ec2ae694e2507c3bcea1dbdcan/aGozi 46.29.160.188:443
2018-12-07 07:07:44fed8145b79ceccd8264df5558a282ecbn/aGozi 46.29.160.188:443
2018-12-07 07:03:43fc2bbfe36289265535c5f1c1236e4910n/aGozi 46.29.160.188:443
2018-12-07 06:15:18d3301e402c406c944a3a481a2e3e0c14n/aGozi 46.29.160.188:443
2018-12-07 05:34:10f1e5762b39e93757129bf47f957c2114n/aGozi 46.29.160.188:443
2018-12-07 05:30:23f67e15c81f2b5a73097c58394c0d284fn/aGozi 46.29.160.188:443
2018-12-07 05:06:061ad358e235f9a49684b7c7118e6b1560Virustotal results 36/69 (52.17%) Gozi 46.29.160.188:443
2018-12-07 05:02:30d6d6ed5abab372c026fcccace1c88c1an/aGozi 46.29.160.188:443
2018-12-07 04:28:20f5d42f522be2cf8f0085b9665ecab465n/aGozi 46.29.160.188:443
2018-12-07 04:21:41d5e30c42e0acea001845b59983fb9ca7n/aGozi 46.29.160.188:443
2018-12-07 03:36:52f73c0e911a88836b5d32b3353a60e540n/aGozi 46.29.160.188:443
2018-12-07 01:58:42cf85238e34e42713944b61372aed7221n/aGozi 46.29.160.188:443
2018-12-07 01:18:53f8aa8917d858b40df29ad6f110edca52n/aGozi 46.29.160.188:443
2018-12-07 01:16:24f650319e7b09c14561b8b2755e39de6dn/aGozi 46.29.160.188:443
2018-12-07 01:07:29f93d39e9beaa80cf9de1b92d196a5846n/aGozi 46.29.160.188:443
2018-12-07 01:03:35d030c69029f89de03003b6b0b1951c36n/aGozi 46.29.160.188:443
2018-12-07 00:57:18d0eb0ee639b455c97ccf85be61b020c7n/aGozi 46.29.160.188:443
2018-12-07 00:45:34d53c815766d13245245b19f713015082n/aGozi 46.29.160.188:443
2018-12-07 00:05:34d69c8af8dd90d126a3cf5ca1aa778d7aVirustotal results 22/58 (37.93%) Gozi 46.29.160.188:443
2018-12-07 00:04:28fe5eb0dbbe8c964bc508d00aedbb1e32n/aGozi 46.29.160.188:443
2018-12-06 23:49:01e40739269541a59826a846a1393d21bcn/aGozi 46.29.160.188:443
2018-12-06 23:33:59dee293ff6371afe64b9c0a99141cc2ecn/aGozi 46.29.160.188:443
2018-12-06 23:33:00f70cab12ea0246c19ced6defb4446201n/aGozi 46.29.160.188:443
2018-12-06 23:12:15efaec38d2e7980f1fbfe021059853921n/aGozi 46.29.160.188:443

# of entries: 35 (max: 100)