SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 848ce43530972c4aec6c57d2f00efeb7985b9eed.

Database Entry


SHA1 Fingerprint:848ce43530972c4aec6c57d2f00efeb7985b9eed
Certificate Common Name (CN):C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Issuer Distinguished Name (DN):C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
TLS Version:TLS 1.2
First seen:2015-10-01 20:31:18 UTC
Last seen:2015-10-04 14:06:38 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2015-10-02 05:07:39
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-10-04 14:06:38218a83ac41d180d8c119a58ff9755b80Virustotal results 1/56 (1.79%) Gozi 109.120.156.217:443
2015-10-03 19:06:060b661aad39119b81e7f1ca8f21e15505Virustotal results 33/56 (58.93%) Gozi 109.120.156.217:443
2015-10-03 13:47:09d4ea43925c15b0c4127cbd93ba4ae039Virustotal results 6/55 (10.91%) Gozi 109.120.156.217:443
2015-10-03 13:44:51a11e19853640e3f3e452afdfa5f91d0aVirustotal results 30/57 (52.63%) Gozi 109.120.156.217:443
2015-10-02 20:57:48399539d595326474b59ebe0974528200Virustotal results 18/57 (31.58%) Gozi 109.120.156.217:443
2015-10-02 08:35:3783614d138f7e3cb502677c28df20508fVirustotal results 19/56 (33.93%) Gozi 109.120.156.217:443
2015-10-01 20:31:18b5d57963ba3adda24e6f5ab8e9292d4fVirustotal results 12/57 (21.05%) Gozi 109.120.156.217:443

# of entries: 7 (max: 100)