SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3535b616a008419a523cebd505af9119b4a1bd49.
Database Entry
| SHA1 Fingerprint: | 3535b616a008419a523cebd505af9119b4a1bd49 |
|---|---|
| Certificate Common Name (CN): | karntnatural.xyz |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLS 1.2 |
| First seen: | 2020-04-02 06:05:52 UTC |
| Last seen: | 2020-04-02 07:36:01 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2020-04-02 07:52:17 |
| Malware samples: | 6 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2020-04-02 07:36:01 | 5b945bdc2b8fe0a065bb0b3944b74238 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 07:36:01 | 5b945bdc2b8fe0a065bb0b3944b74238 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 07:15:24 | fd52dd5bc64e3eaa2ee2f12fd052972e | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 07:15:24 | fd52dd5bc64e3eaa2ee2f12fd052972e | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 07:09:03 | 2d37683916125a18e04b9a331933ef1f | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 07:09:03 | 2d37683916125a18e04b9a331933ef1f | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:57:21 | e77aa17f1f358ec3e980e9981e867d54 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:57:21 | e77aa17f1f358ec3e980e9981e867d54 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:38:19 | 9879471fdbd48f73f7bfc3bf800261e3 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:38:19 | 9879471fdbd48f73f7bfc3bf800261e3 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:05:52 | ceb017d1700400db403b50a35e8a1738 | n/a | Gozi | 45.129.2.240:443 |
| 2020-04-02 06:05:52 | ceb017d1700400db403b50a35e8a1738 | n/a | Gozi | 45.129.2.240:443 |
# of entries: 12 (max: 100)