SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 378344803525c82d3e134dcd2222cf2cfab0c338.

Database Entry

SHA1 Fingerprint:	378344803525c82d3e134dcd2222cf2cfab0c338
Certificate Common Name (CN):	*
Issuer Distinguished Name (DN):	*
TLS Version:	TLS 1.2
First seen:	2018-12-24 13:15:39 UTC
Last seen:	2018-12-31 13:29:31 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2018-12-24 15:00:54
Malware samples:	55
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-12-31 13:29:31	1b95d56adeae3ef9ed099f8c3ddd0eb4	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-31 13:29:31	1b95d56adeae3ef9ed099f8c3ddd0eb4	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-31 12:18:07	7aebd77676af0ff08d51cdb2ce0e58b2	25/69 (36.23%)	Gozi	185.189.149.252:443
2018-12-31 12:18:07	7aebd77676af0ff08d51cdb2ce0e58b2	25/69 (36.23%)	Gozi	185.189.149.252:443
2018-12-31 11:46:48	f5beb98beada57e6e48acf8f493804c3	n/a	Gozi	185.189.149.252:443
2018-12-31 11:46:48	f5beb98beada57e6e48acf8f493804c3	n/a	Gozi	185.189.149.252:443
2018-12-31 11:42:48	b56e0e6b0b38258f59e09b1c99704f5e	32/71 (45.07%)	Gozi	185.189.149.252:443
2018-12-31 11:42:48	b56e0e6b0b38258f59e09b1c99704f5e	32/71 (45.07%)	Gozi	185.189.149.252:443
2018-12-31 11:01:37	4dff0b111cdc1224751c8422718672ae	n/a	Gozi	185.189.149.252:443
2018-12-31 11:01:37	4dff0b111cdc1224751c8422718672ae	n/a	Gozi	185.189.149.252:443
2018-12-31 10:33:58	1087d0587940bbb42b3946cbd31aa49c	13/69 (18.84%)	Gozi	185.189.149.252:443
2018-12-31 10:33:58	1087d0587940bbb42b3946cbd31aa49c	13/69 (18.84%)	Gozi	185.189.149.252:443
2018-12-31 09:26:09	e834d4de441057c430a43076aa1c9a8b	15/69 (21.74%)	Gozi	185.189.149.252:443
2018-12-31 09:26:09	e834d4de441057c430a43076aa1c9a8b	15/69 (21.74%)	Gozi	185.189.149.252:443
2018-12-31 09:05:45	3d9232b02e0d6be1f719d6746e493026	n/a	Gozi	185.189.149.252:443
2018-12-31 09:05:45	3d9232b02e0d6be1f719d6746e493026	n/a	Gozi	185.189.149.252:443
2018-12-31 08:49:05	fc5849feb1c5ca18b30050ac762780fc	15/70 (21.43%)	Gozi	185.189.149.252:443
2018-12-31 08:49:05	fc5849feb1c5ca18b30050ac762780fc	15/70 (21.43%)	Gozi	185.189.149.252:443
2018-12-31 08:41:19	67386308ef8f0693cd62d3957a3e7e24	14/69 (20.29%)	Gozi	185.189.149.252:443
2018-12-31 08:41:19	67386308ef8f0693cd62d3957a3e7e24	14/69 (20.29%)	Gozi	185.189.149.252:443
2018-12-31 08:30:54	0c9afb4ef7e30c7c148b9524aa5eca47	44/69 (63.77%)	Gozi	185.189.149.252:443
2018-12-31 08:30:54	0c9afb4ef7e30c7c148b9524aa5eca47	44/69 (63.77%)	Gozi	185.189.149.252:443
2018-12-31 08:01:45	3bcb5c82650b1eb335d682109f0a2cc7	29/71 (40.85%)	Gozi	185.189.149.252:443
2018-12-31 08:01:45	3bcb5c82650b1eb335d682109f0a2cc7	29/71 (40.85%)	Gozi	185.189.149.252:443
2018-12-31 07:33:55	22152304bbe41d63b0e5304185735c6f	n/a	Gozi	185.189.149.252:443
2018-12-31 07:33:55	22152304bbe41d63b0e5304185735c6f	n/a	Gozi	185.189.149.252:443
2018-12-31 07:20:00	a6f09bfd00cf619f77a22050cacd493e	38/70 (54.29%)	Gozi	185.189.149.252:443
2018-12-31 07:20:00	a6f09bfd00cf619f77a22050cacd493e	38/70 (54.29%)	Gozi	185.189.149.252:443
2018-12-31 05:48:45	3e81c5c662bdf1a81c72ee3c5a470a12	28/72 (38.89%)	Gozi	185.189.149.252:443
2018-12-31 05:48:45	3e81c5c662bdf1a81c72ee3c5a470a12	28/72 (38.89%)	Gozi	185.189.149.252:443
2018-12-31 02:53:59	8718298e28aa435ea97aca676ad8acbf	31/71 (43.66%)	Gozi	185.189.149.252:443
2018-12-31 02:53:59	8718298e28aa435ea97aca676ad8acbf	31/71 (43.66%)	Gozi	185.189.149.252:443
2018-12-31 00:55:20	aecdb162f1e35d33af4fb8a02c94dbd4	13/68 (19.12%)	Gozi	185.189.149.252:443
2018-12-31 00:55:20	aecdb162f1e35d33af4fb8a02c94dbd4	13/68 (19.12%)	Gozi	185.189.149.252:443
2018-12-30 23:51:17	ab0112cdbecd649ce1032559f6929f7d	n/a	Gozi	185.189.149.252:443
2018-12-30 23:51:17	ab0112cdbecd649ce1032559f6929f7d	n/a	Gozi	185.189.149.252:443
2018-12-30 23:01:32	b214316422d48748c6a90b045ed9c314	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 23:01:32	b214316422d48748c6a90b045ed9c314	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 22:35:04	d34b61a36ed53603f8cb5ae326d32885	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 22:35:04	d34b61a36ed53603f8cb5ae326d32885	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 21:19:20	e025040d5d4170e807c1378888bf0a5a	11/71 (15.49%)	Gozi	185.189.149.252:443
2018-12-30 21:19:20	e025040d5d4170e807c1378888bf0a5a	11/71 (15.49%)	Gozi	185.189.149.252:443
2018-12-30 19:51:11	fb71e6c457e2615114cb398395c6ff0e	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 19:51:11	fb71e6c457e2615114cb398395c6ff0e	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 19:26:06	e96cf37956a3b3ba63ccb6442de1c534	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 19:26:06	e96cf37956a3b3ba63ccb6442de1c534	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 19:14:53	421cd561d29cbffd4b10ed84cc06d3fc	n/a	Gozi	185.189.149.252:443
2018-12-30 19:14:53	421cd561d29cbffd4b10ed84cc06d3fc	n/a	Gozi	185.189.149.252:443
2018-12-30 17:56:29	0bc36ba54b1a6eade1b5e6b14b86a678	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 17:56:29	0bc36ba54b1a6eade1b5e6b14b86a678	17/69 (24.64%)	Gozi	185.189.149.252:443
2018-12-30 17:19:15	7c5ea1feddcdb1bf86b49bb8ec712527	16/68 (23.53%)	Gozi	185.189.149.252:443
2018-12-30 17:19:15	7c5ea1feddcdb1bf86b49bb8ec712527	16/68 (23.53%)	Gozi	185.189.149.252:443
2018-12-30 13:49:35	938c10599104de7bd01b54c0c65e1b91	12/69 (17.39%)	Gozi	185.189.149.252:443
2018-12-30 13:49:35	938c10599104de7bd01b54c0c65e1b91	12/69 (17.39%)	Gozi	185.189.149.252:443
2018-12-30 12:15:42	6a5a9490ab802a796bcf8b188b424107	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-30 12:15:42	6a5a9490ab802a796bcf8b188b424107	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-30 10:45:32	0a1fb5c896f11eec4f47a0ebeca3f317	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-30 10:45:32	0a1fb5c896f11eec4f47a0ebeca3f317	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-30 07:33:58	a917d65e22335a215cab6fe76d1ad39c	17/70 (24.29%)	Gozi	185.189.149.252:443
2018-12-30 07:33:58	a917d65e22335a215cab6fe76d1ad39c	17/70 (24.29%)	Gozi	185.189.149.252:443
2018-12-30 03:29:24	0e7b7fcaed6a81e8971c13bdcd60a06c	16/71 (22.54%)	Gozi	185.189.149.252:443
2018-12-30 03:29:24	0e7b7fcaed6a81e8971c13bdcd60a06c	16/71 (22.54%)	Gozi	185.189.149.252:443
2018-12-30 03:05:18	7acd305cddb1009c11a0f4892a84b63f	n/a	Gozi	185.189.149.252:443
2018-12-30 03:05:18	7acd305cddb1009c11a0f4892a84b63f	n/a	Gozi	185.189.149.252:443
2018-12-30 02:48:39	4ad9e980ee598bbbcbf02d77d684aa5e	21/70 (30.00%)	Gozi	185.189.149.252:443
2018-12-30 02:48:39	4ad9e980ee598bbbcbf02d77d684aa5e	21/70 (30.00%)	Gozi	185.189.149.252:443
2018-12-30 02:29:52	77e98db216f9e041e60edd871d8e4305	n/a	Gozi	185.189.149.252:443
2018-12-30 02:29:52	77e98db216f9e041e60edd871d8e4305	n/a	Gozi	185.189.149.252:443
2018-12-30 01:01:10	9f844727602efa691f9a30f904b2de5a	26/70 (37.14%)	Gozi	185.189.149.252:443
2018-12-30 01:01:10	9f844727602efa691f9a30f904b2de5a	26/70 (37.14%)	Gozi	185.189.149.252:443
2018-12-30 00:18:06	44ba0174ef6edd81cebd605f22fde000	42/70 (60.00%)	Gozi	185.189.149.252:443
2018-12-30 00:18:06	44ba0174ef6edd81cebd605f22fde000	42/70 (60.00%)	Gozi	185.189.149.252:443
2018-12-30 00:00:25	4970e90bf21a6063e0c6338e123b5fe7	21/72 (29.17%)	Gozi	185.189.149.252:443
2018-12-30 00:00:25	4970e90bf21a6063e0c6338e123b5fe7	21/72 (29.17%)	Gozi	185.189.149.252:443
2018-12-29 21:55:16	04f30281123337304e36142681b979c0	17/70 (24.29%)	Gozi	185.189.149.252:443
2018-12-29 21:55:16	04f30281123337304e36142681b979c0	17/70 (24.29%)	Gozi	185.189.149.252:443
2018-12-29 20:41:22	012787fc95939b418770b6cd8dea7f99	16/71 (22.54%)	Gozi	185.189.149.252:443
2018-12-29 20:41:22	012787fc95939b418770b6cd8dea7f99	16/71 (22.54%)	Gozi	185.189.149.252:443
2018-12-29 17:25:13	e5efe3074bf201a82d235ad4accb3051	30/70 (42.86%)	Gozi	185.189.149.252:443
2018-12-29 17:25:13	e5efe3074bf201a82d235ad4accb3051	30/70 (42.86%)	Gozi	185.189.149.252:443
2018-12-29 17:06:50	51926d5b32d5e4bf9adadd8d675205a7	15/68 (22.06%)	Gozi	185.189.149.252:443
2018-12-29 17:06:50	51926d5b32d5e4bf9adadd8d675205a7	15/68 (22.06%)	Gozi	185.189.149.252:443
2018-12-29 13:14:25	2cd9f800e3c100639522af60b134c9d6	15/70 (21.43%)	Gozi	185.189.149.252:443
2018-12-29 13:14:25	2cd9f800e3c100639522af60b134c9d6	15/70 (21.43%)	Gozi	185.189.149.252:443
2018-12-29 11:25:57	103b62618f547e1bf1729ec96bf688ca	14/71 (19.72%)	Gozi	185.189.149.252:443
2018-12-29 11:25:57	103b62618f547e1bf1729ec96bf688ca	14/71 (19.72%)	Gozi	185.189.149.252:443
2018-12-29 10:02:44	aa1fdf00e882128f9ba6d0d03846d4e2	14/71 (19.72%)	Gozi	185.189.149.252:443
2018-12-29 10:02:44	aa1fdf00e882128f9ba6d0d03846d4e2	14/71 (19.72%)	Gozi	185.189.149.252:443
2018-12-29 09:42:51	6c3c2dd90e6495e1ab2fe814a53fddcb	27/71 (38.03%)	Gozi	185.189.149.252:443
2018-12-29 09:42:51	6c3c2dd90e6495e1ab2fe814a53fddcb	27/71 (38.03%)	Gozi	185.189.149.252:443
2018-12-29 07:33:51	f894ecda876ac7bada1da1927815b0fc	14/72 (19.44%)	Gozi	185.189.149.252:443
2018-12-29 07:33:51	f894ecda876ac7bada1da1927815b0fc	14/72 (19.44%)	Gozi	185.189.149.252:443
2018-12-29 05:00:56	6f8413b7051f72e01ca5c8737cb09574	13/70 (18.57%)	Gozi	185.189.149.252:443
2018-12-29 05:00:56	6f8413b7051f72e01ca5c8737cb09574	13/70 (18.57%)	Gozi	185.189.149.252:443
2018-12-29 04:56:45	7b367d1003daefd0d26599568a469609	15/71 (21.13%)	Gozi	185.189.149.252:443
2018-12-29 04:56:45	7b367d1003daefd0d26599568a469609	15/71 (21.13%)	Gozi	185.189.149.252:443
2018-12-29 04:51:41	2b5ba0f819512e7d45cccca70dedf451	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-29 04:51:41	2b5ba0f819512e7d45cccca70dedf451	12/70 (17.14%)	Gozi	185.189.149.252:443
2018-12-28 19:21:07	0d0376c7915b13d3cc1d5c93a2d7946f	35/70 (50.00%)	Gozi	185.189.149.252:443
2018-12-28 19:21:07	0d0376c7915b13d3cc1d5c93a2d7946f	35/70 (50.00%)	Gozi	185.189.149.252:443

# of entries: 100 (max: 100)