SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3f476828cf24d1fdbd176ace93d74a666eb70a16.

Database Entry

SHA1 Fingerprint:	3f476828cf24d1fdbd176ace93d74a666eb70a16
Certificate Common Name (CN):	*
Issuer Distinguished Name (DN):	*
TLS Version:	TLS 1.2' NOTBEF
First seen:	2021-02-25 15:05:32 UTC
Last seen:	2021-03-01 13:11:26 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2021-03-01 13:41:23
Malware samples:	7
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2021-03-01 13:11:26	fecc10858ba9fdaf70e9290ee5d932d3	n/a	Gozi	195.123.213.219:443
2021-03-01 13:11:26	fecc10858ba9fdaf70e9290ee5d932d3	n/a	Gozi	195.123.213.219:443
2021-03-01 11:54:48	83d50b965e48afde78e52942c3554fe3	n/a	Gozi	195.123.213.219:443
2021-03-01 11:54:48	83d50b965e48afde78e52942c3554fe3	n/a	Gozi	195.123.213.219:443
2021-03-01 09:37:57	758283326194c41fd274662f1d48a33a	n/a	Gozi	195.123.213.219:443
2021-03-01 09:37:57	758283326194c41fd274662f1d48a33a	n/a	Gozi	195.123.213.219:443
2021-03-01 09:08:44	4c71be1fd350508dbb76efe2185b8d8f	n/a	Gozi	195.123.213.219:443
2021-03-01 09:08:44	4c71be1fd350508dbb76efe2185b8d8f	n/a	Gozi	195.123.213.219:443
2021-02-26 07:44:15	b6d56d3ebd48d4a3534140b1c06cf5b4	n/a	Gozi	195.123.213.219:443
2021-02-26 07:44:15	b6d56d3ebd48d4a3534140b1c06cf5b4	n/a	Gozi	195.123.213.219:443
2021-02-25 15:19:01	156f0d86196b2e90f1a7158bebcb16ae	30 / 70 (42.86%)	Gozi	195.123.213.219:443
2021-02-25 15:19:01	156f0d86196b2e90f1a7158bebcb16ae	30 / 70 (42.86%)	Gozi	195.123.213.219:443
2021-02-25 15:05:32	0253bcc25a1815a9439d3cceb2dd5ff4	29 / 69 (42.03%)	RaccoonStealer	195.123.213.219:443
2021-02-25 15:05:32	0253bcc25a1815a9439d3cceb2dd5ff4	29 / 69 (42.03%)	RaccoonStealer	195.123.213.219:443

# of entries: 14 (max: 100)