SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 8cc8478b20f1701f8d58410559da0057782f2258.

Database Entry

SHA1 Fingerprint:	8cc8478b20f1701f8d58410559da0057782f2258
Certificate Common Name (CN):	1Wepsereto.othepediberi.sap
Issuer Distinguished Name (DN):	1Wepsereto.othepediberi.sap
TLS Version:	TLS 1.2' NOTBEF
First seen:	2018-10-17 13:07:26 UTC
Last seen:	2018-10-18 09:37:42 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2018-10-18 06:07:22
Malware samples:	15
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-10-18 09:37:42	e9a32299bdc90038441177d2b9af326a	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-18 09:37:42	e9a32299bdc90038441177d2b9af326a	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-18 06:42:14	1bce28d93db6d56af487560ec1b1ef97	47/68 (69.12%)	Gozi	185.117.72.67:443
2018-10-18 06:42:14	1bce28d93db6d56af487560ec1b1ef97	47/68 (69.12%)	Gozi	185.117.72.67:443
2018-10-18 03:49:50	3de4ad9bb19d2f48113e9313438d97d6	n/a	Gozi	185.117.72.67:443
2018-10-18 03:49:50	3de4ad9bb19d2f48113e9313438d97d6	n/a	Gozi	185.117.72.67:443
2018-10-18 03:43:37	a4a8a8b421102f4bc785162cb3e349e5	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-18 03:43:37	a4a8a8b421102f4bc785162cb3e349e5	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-18 02:03:07	088293f1dfc62b09d530bb8842a2a0e5	48/68 (70.59%)	Gozi	185.117.72.67:443
2018-10-18 02:03:07	088293f1dfc62b09d530bb8842a2a0e5	48/68 (70.59%)	Gozi	185.117.72.67:443
2018-10-18 00:19:35	ea278947dd91f83a0e2fb02f773f96de	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-18 00:19:35	ea278947dd91f83a0e2fb02f773f96de	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-18 00:09:10	f31b118269e179bbfa84d0db9991f7d8	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-18 00:09:10	f31b118269e179bbfa84d0db9991f7d8	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-18 00:05:37	5b386cf667bc8ed97f58c80c91ec0566	n/a	Gozi	185.117.72.67:443
2018-10-18 00:05:37	5b386cf667bc8ed97f58c80c91ec0566	n/a	Gozi	185.117.72.67:443
2018-10-17 23:22:35	ee1079bc2cea886c02ad52db59f6eda4	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-17 23:22:35	ee1079bc2cea886c02ad52db59f6eda4	45/67 (67.16%)	Gozi	185.117.72.67:443
2018-10-17 23:08:52	86149a56a0945082f78ead37fb445fc9	n/a	Gozi	185.117.72.67:443
2018-10-17 23:08:52	86149a56a0945082f78ead37fb445fc9	n/a	Gozi	185.117.72.67:443
2018-10-17 22:22:57	02d7c44f8a60b53abc9dc13542a1eb90	43/66 (65.15%)	Gozi	185.117.72.67:443
2018-10-17 22:22:57	02d7c44f8a60b53abc9dc13542a1eb90	43/66 (65.15%)	Gozi	185.117.72.67:443
2018-10-17 20:53:41	174ab453c3301a11bb622d6b3bcf8967	37/67 (55.22%)	Gozi	185.117.72.67:443
2018-10-17 20:53:41	174ab453c3301a11bb622d6b3bcf8967	37/67 (55.22%)	Gozi	185.117.72.67:443
2018-10-17 13:52:53	8d4ae907f320fb01b7ea122166bea377	n/a	Gozi	185.117.72.67:443
2018-10-17 13:52:53	8d4ae907f320fb01b7ea122166bea377	n/a	Gozi	185.117.72.67:443
2018-10-17 13:51:39	fd2df80a02ed880700e75c521e716f8f	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-17 13:51:39	fd2df80a02ed880700e75c521e716f8f	46/67 (68.66%)	Gozi	185.117.72.67:443
2018-10-17 13:07:26	be4bac9556a30c6b4a8850cf3e616f74	19/58 (32.76%)	Gozi	185.117.72.67:443
2018-10-17 13:07:26	be4bac9556a30c6b4a8850cf3e616f74	19/58 (32.76%)	Gozi	185.117.72.67:443

# of entries: 30 (max: 100)