SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 52db97a80cdc42b424cd842f1b2fc03c8cee66d9.

Database Entry

SHA1 Fingerprint:52db97a80cdc42b424cd842f1b2fc03c8cee66d9
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2020-04-28 06:22:08 UTC
Last seen:2020-04-29 08:31:01 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2020-04-29 06:37:44
Malware samples:7
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-04-29 08:31:0134af20b72b4e0a689df39ad00f28b764n/aGozi 194.113.235.106:443
2020-04-29 08:31:0134af20b72b4e0a689df39ad00f28b764n/aGozi 194.113.235.106:443
2020-04-29 08:21:04ebe3ce126a5469d28d83746c66a16244Virustotal results 20 / 72 (27.78%) Gozi 194.113.235.106:443
2020-04-29 08:21:04ebe3ce126a5469d28d83746c66a16244Virustotal results 20 / 72 (27.78%) Gozi 194.113.235.106:443
2020-04-29 06:06:554ce147ea2b12b0e5102a68dc7105115en/aGozi 194.113.235.106:443
2020-04-29 06:06:554ce147ea2b12b0e5102a68dc7105115en/aGozi 194.113.235.106:443
2020-04-28 20:38:04306a705de2031a06a4ae7db17ab89dd6Virustotal results 19 / 72 (26.39%) Gozi 194.113.235.106:443
2020-04-28 20:38:04306a705de2031a06a4ae7db17ab89dd6Virustotal results 19 / 72 (26.39%) Gozi 194.113.235.106:443
2020-04-28 09:53:1514268bba9a05d288edbb0f2a186f2388n/aGozi 194.113.235.106:443
2020-04-28 09:53:1514268bba9a05d288edbb0f2a186f2388n/aGozi 194.113.235.106:443
2020-04-28 09:16:16a1a9b45c207906a77c7a0b1361f351bcn/aGozi 194.113.235.106:443
2020-04-28 09:16:16a1a9b45c207906a77c7a0b1361f351bcn/aGozi 194.113.235.106:443
2020-04-28 06:22:089abadd216c62fb4d9a0958202a9bc59dn/aGozi 194.113.235.106:443
2020-04-28 06:22:089abadd216c62fb4d9a0958202a9bc59dn/aGozi 194.113.235.106:443

# of entries: 14 (max: 100)