SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3f476828cf24d1fdbd176ace93d74a666eb70a16.

Database Entry


SHA1 Fingerprint:3f476828cf24d1fdbd176ace93d74a666eb70a16
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2' NOTBEF
First seen:2021-02-25 15:05:32 UTC
Last seen:2021-03-01 13:11:26 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2021-03-01 13:41:23
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-03-01 13:11:26fecc10858ba9fdaf70e9290ee5d932d3n/aGozi 195.123.213.219:443
2021-03-01 11:54:4883d50b965e48afde78e52942c3554fe3n/aGozi 195.123.213.219:443
2021-03-01 09:37:57758283326194c41fd274662f1d48a33an/aGozi 195.123.213.219:443
2021-03-01 09:08:444c71be1fd350508dbb76efe2185b8d8fn/aGozi 195.123.213.219:443
2021-02-26 07:44:15b6d56d3ebd48d4a3534140b1c06cf5b4n/aGozi 195.123.213.219:443
2021-02-25 15:19:01156f0d86196b2e90f1a7158bebcb16aeVirustotal results 30 / 70 (42.86%) Gozi 195.123.213.219:443
2021-02-25 15:05:320253bcc25a1815a9439d3cceb2dd5ff4Virustotal results 29 / 69 (42.03%) RaccoonStealer195.123.213.219:443

# of entries: 7 (max: 100)