SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 813529391d643765ec6ba55167a95a36171030fc.

Database Entry


SHA1 Fingerprint:813529391d643765ec6ba55167a95a36171030fc
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2020-04-22 12:10:33 UTC
Last seen:2020-04-27 07:15:21 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2020-04-23 07:40:59
Malware samples:10
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-04-27 07:15:2103781c95f7476e0c9386149397eb9320Virustotal results 35 / 73 (47.95%) Gozi 172.104.239.228:443
2020-04-24 23:06:44393dca0466583a0c9066fc8b9ef0679cn/aGozi 172.104.239.228:443
2020-04-24 22:16:08d3099f9d968447d754108638f7f87ea9n/aGozi 172.104.239.228:443
2020-04-24 15:31:2306be74220dd06e0204e5ecd46c231085n/aGozi 172.104.239.228:443
2020-04-24 14:07:321d94cc32838b73795b6578564b80905an/aGozi 172.104.239.228:443
2020-04-24 12:52:17b4ab969747e863a936b3aca56d7268can/aGozi 172.104.239.228:443
2020-04-24 07:24:47e704302809da8bdef8e97ae3a05a4020Virustotal results 30 / 73 (41.10%) Gozi 172.104.239.228:443
2020-04-23 04:14:24c804695bb2eb6776706ac4e7d586773bn/aGozi 172.104.239.228:443
2020-04-22 21:56:1928413377efd5904321eee5db4c299134n/aGozi 172.104.239.228:443
2020-04-22 12:10:3388c736232fb454d269f854e9f16558cfn/aGozi 172.104.239.228:443

# of entries: 10 (max: 100)