SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3999302944cf1b07abf827008771c45dcf69f6fe.

Database Entry


SHA1 Fingerprint:3999302944cf1b07abf827008771c45dcf69f6fe
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2' NOTBEF
First seen:2021-02-25 15:05:32 UTC
Last seen:2021-02-26 07:44:15 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2021-02-26 06:30:48
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-02-26 07:44:15b6d56d3ebd48d4a3534140b1c06cf5b4n/aGozi 195.123.209.122:443
2021-02-26 03:57:17a581b527e44fdebb3f62b184e4df5a4dVirustotal results 43 / 71 (60.56%) Gozi 195.123.209.122:443
2021-02-25 20:54:288156afae8c5153957efa73b95075558aVirustotal results 49 / 69 (71.01%) Quakbot195.123.209.122:443
2021-02-25 19:05:25203c546ece7ed3c3306df0f4e6ba81a1Virustotal results 21 / 69 (30.43%) Quakbot195.123.209.122:443
2021-02-25 15:19:01156f0d86196b2e90f1a7158bebcb16aeVirustotal results 30 / 70 (42.86%) Gozi 195.123.209.122:443
2021-02-25 15:05:320253bcc25a1815a9439d3cceb2dd5ff4Virustotal results 29 / 69 (42.03%) RaccoonStealer195.123.209.122:443

# of entries: 6 (max: 100)