SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4ff36a9b0ddb2aeada45e3a93847a33852886853.

Database Entry


SHA1 Fingerprint:4ff36a9b0ddb2aeada45e3a93847a33852886853
Certificate Common Name (CN):black-transsexual-hardcore.com
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2018-12-05 13:08:10 UTC
Last seen:2018-12-14 23:38:07 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-12-10 13:07:52
Malware samples:11
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-12-14 23:38:073971798308790afc9104a315f855f1ecn/aGozi 213.183.63.183:443
2018-12-10 15:34:53f658b6d6a65f8f12725ff8363bfb21b0n/aGozi 213.183.63.183:443
2018-12-09 15:49:351efa971d24352a9833a8274a978d25fdVirustotal results 12/70 (17.14%) Gozi 213.183.63.183:443
2018-12-09 12:25:527d4af578d4dec723e1281b1349cd03caVirustotal results 11/69 (15.94%) Gozi 213.183.63.183:443
2018-12-05 17:06:411892f6253bab66fd17e5ded6da1aca85n/aGozi 213.183.63.183:443
2018-12-05 16:49:5785c0e8496dadeb53ea9150a1fd89823en/aGozi 213.183.63.183:443
2018-12-05 16:42:361fc38a7ca1b2ffea67b403b99925d370n/aGozi 213.183.63.183:443
2018-12-05 16:35:228e13a329963158d76652d8d7d5dd947dn/aGozi 213.183.63.183:443
2018-12-05 16:27:06623231effe6b203454162ed31311501cn/aGozi 213.183.63.183:443
2018-12-05 14:15:211fd20adc7c8e5cdf6f59f234e22369e4n/aGozi 213.183.63.183:443
2018-12-05 13:08:102d7e7d4bb7c63ec138b89409c172da14Virustotal results 21/68 (30.88%) Gozi 213.183.63.183:443

# of entries: 11 (max: 100)