SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5f623fb213f68f95fe6ac53c93c8bfdadc3195c1.

Database Entry


SHA1 Fingerprint:5f623fb213f68f95fe6ac53c93c8bfdadc3195c1
Certificate Common Name (CN):prlottonews.xyz
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2020-04-02 05:40:20 UTC
Last seen:2020-04-02 16:05:01 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2020-04-02 05:48:11
Malware samples:14
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-04-02 16:05:019f23303432893fb706efa23d9943a580n/aGozi 109.248.11.25:443
2020-04-02 15:58:420f8f043be577c37b45525d6e6dbcabccn/aGozi 109.248.11.25:443
2020-04-02 15:47:54811d0843f9b480df3c09a0cc62790f08n/aGozi 109.248.11.25:443
2020-04-02 15:46:286c0d9b3ea1127ec58e49a257dd47c0abn/aGozi 109.248.11.25:443
2020-04-02 15:43:43efa28363e6be85012c0636d3a33b39a1n/aGozi 109.248.11.25:443
2020-04-02 15:34:480f5b7665bd4c953aff04f446a85c92a0n/aGozi 109.248.11.25:443
2020-04-02 10:50:51085639f09fef87e9c40bd073665ff664n/aGozi 109.248.11.25:443
2020-04-02 07:24:002962c5faba2d34d48d1075c7c6fc8ffbn/aGozi 109.248.11.25:443
2020-04-02 07:14:029632d5b70843364344fe587f49b22c2dVirustotal results 19 / 73 (26.03%) Gozi 109.248.11.25:443
2020-04-02 06:32:204daf5692ed4b227f539cd575db3c88can/aGozi 109.248.11.25:443
2020-04-02 06:16:283defbcddf13524b6d0fbd4e5ffbecc44n/aGozi 109.248.11.25:443
2020-04-02 05:55:218ab18259ce082219d22837481f54a138n/aGozi 109.248.11.25:443
2020-04-02 05:47:3433bbbb7ab1b3390bb116c277d2cdc93dn/aGozi 109.248.11.25:443
2020-04-02 05:40:2037117bf06cee890a05d1fa9e49786506n/aGozi 109.248.11.25:443

# of entries: 14 (max: 100)