SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 455d8e384d214c17d34522413a98dc002352b78e.
Database Entry
| SHA1 Fingerprint: | 455d8e384d214c17d34522413a98dc002352b78e |
|---|---|
| Certificate Common Name (CN): | sontonecchidtt.Titheefrovorh.cologne |
| Issuer Distinguished Name (DN): | sontonecchidtt.Titheefrovorh.cologne |
| TLS Version: | TLSv1' NOTBEFOR |
| First seen: | 2018-10-17 13:07:26 UTC |
| Last seen: | 2018-10-18 03:49:50 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2018-10-18 06:07:43 |
| Malware samples: | 21 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2018-10-18 03:49:50 | 3de4ad9bb19d2f48113e9313438d97d6 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 03:49:50 | 3de4ad9bb19d2f48113e9313438d97d6 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 03:47:29 | 7a9bc149c30e22051fbf9c4932f0c60f | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 03:47:29 | 7a9bc149c30e22051fbf9c4932f0c60f | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 03:43:37 | a4a8a8b421102f4bc785162cb3e349e5 |  46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 03:43:37 | a4a8a8b421102f4bc785162cb3e349e5 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 02:03:09 | 04dce81c430f10a4e74fd639d2f37782 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 02:03:09 | 04dce81c430f10a4e74fd639d2f37782 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 02:03:07 | 088293f1dfc62b09d530bb8842a2a0e5 | 48/68 (70.59%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 02:03:07 | 088293f1dfc62b09d530bb8842a2a0e5 | 48/68 (70.59%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 02:02:22 | 350adfefcb5fb74de8d5c766a897eddf | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 02:02:22 | 350adfefcb5fb74de8d5c766a897eddf | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 00:19:35 | ea278947dd91f83a0e2fb02f773f96de | 45/67 (67.16%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:19:35 | ea278947dd91f83a0e2fb02f773f96de | 45/67 (67.16%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:13:08 | ec626b689d380973cf0290800c0449d6 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:13:08 | ec626b689d380973cf0290800c0449d6 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:09:10 | f31b118269e179bbfa84d0db9991f7d8 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:09:10 | f31b118269e179bbfa84d0db9991f7d8 | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-18 00:05:37 | 5b386cf667bc8ed97f58c80c91ec0566 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-18 00:05:37 | 5b386cf667bc8ed97f58c80c91ec0566 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 23:22:35 | ee1079bc2cea886c02ad52db59f6eda4 | 45/67 (67.16%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 23:22:35 | ee1079bc2cea886c02ad52db59f6eda4 | 45/67 (67.16%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 23:08:52 | 86149a56a0945082f78ead37fb445fc9 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 23:08:52 | 86149a56a0945082f78ead37fb445fc9 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 22:22:57 | 02d7c44f8a60b53abc9dc13542a1eb90 | 43/66 (65.15%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 22:22:57 | 02d7c44f8a60b53abc9dc13542a1eb90 | 43/66 (65.15%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 22:18:13 | 071690f5b59e3c77d2f1a33f88045096 | 37/67 (55.22%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 22:18:13 | 071690f5b59e3c77d2f1a33f88045096 | 37/67 (55.22%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 22:09:48 | 3cc1539e5dfa66d554011762dacdeb47 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 22:09:48 | 3cc1539e5dfa66d554011762dacdeb47 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 20:53:41 | 174ab453c3301a11bb622d6b3bcf8967 | 37/67 (55.22%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 20:53:41 | 174ab453c3301a11bb622d6b3bcf8967 | 37/67 (55.22%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:55:58 | e13a9c779139e72493a168590aaf658d | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:55:58 | e13a9c779139e72493a168590aaf658d | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:53:44 | 19c4f1cb5955d741522a4f982aed1c10 | 47/67 (70.15%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:53:44 | 19c4f1cb5955d741522a4f982aed1c10 | 47/67 (70.15%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:52:53 | 8d4ae907f320fb01b7ea122166bea377 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 13:52:53 | 8d4ae907f320fb01b7ea122166bea377 | n/a | Gozi | 95.215.44.192:443 |
| 2018-10-17 13:51:39 | fd2df80a02ed880700e75c521e716f8f | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:51:39 | fd2df80a02ed880700e75c521e716f8f | 46/67 (68.66%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:07:26 | be4bac9556a30c6b4a8850cf3e616f74 | 19/58 (32.76%)
| Gozi | 95.215.44.192:443 |
| 2018-10-17 13:07:26 | be4bac9556a30c6b4a8850cf3e616f74 | 19/58 (32.76%)
| Gozi | 95.215.44.192:443 |
# of entries: 42 (max: 100)