SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3883e2f730574057d5cdf91eae562b9c56e5b50d.
Database Entry
| SHA1 Fingerprint: | 3883e2f730574057d5cdf91eae562b9c56e5b50d |
|---|---|
| Certificate Common Name (CN): | * |
| Issuer Distinguished Name (DN): | * |
| TLS Version: | TLS 1.2 |
| First seen: | 2018-10-05 11:48:45 UTC |
| Last seen: | 2018-10-09 17:43:05 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2018-10-09 05:14:41 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2018-10-09 17:43:05 | 42a73da14470d1268b4de297908a5c3b |  40/69 (57.97%)
| Gozi | 54.39.124.202:443 |
| 2018-10-09 17:43:05 | 42a73da14470d1268b4de297908a5c3b | 40/69 (57.97%)
| Gozi | 54.39.124.202:443 |
| 2018-10-09 11:08:29 | 50f0bf5a1fb2bca113f3afaf42b8ee0d | 40/69 (57.97%)
| Gozi | 54.39.124.202:443 |
| 2018-10-09 11:08:29 | 50f0bf5a1fb2bca113f3afaf42b8ee0d | 40/69 (57.97%)
| Gozi | 54.39.124.202:443 |
| 2018-10-08 14:26:02 | 1df9b147ece6e9b3a1dadeb7d3fdceb8 | 13/66 (19.70%)
| Gozi | 54.39.124.202:443 |
| 2018-10-08 14:26:02 | 1df9b147ece6e9b3a1dadeb7d3fdceb8 | 13/66 (19.70%)
| Gozi | 54.39.124.202:443 |
| 2018-10-05 11:48:45 | 8d60dab70a2cae1018e0b36b2ebe55a5 | 8/68 (11.76%)
| Gozi | 54.39.124.202:443 |
| 2018-10-05 11:48:45 | 8d60dab70a2cae1018e0b36b2ebe55a5 | 8/68 (11.76%)
| Gozi | 54.39.124.202:443 |
# of entries: 8 (max: 100)