SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 916929efb627856e866df6321b7e9aa8167a53ad.
Database Entry
| SHA1 Fingerprint: | 916929efb627856e866df6321b7e9aa8167a53ad |
|---|---|
| Certificate Common Name (CN): | *.cvl.name |
| Issuer Distinguished Name (DN): | COMODO RSA Domain Validation Secure Server CA |
| TLS Version: | TLS 1.2 |
| First seen: | 2017-08-04 12:56:21 UTC |
| Last seen: | 2017-08-05 18:41:22 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2017-08-04 13:01:06 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2017-08-05 18:41:22 | 5a5ac3721a74aa3ff99e678db2fd203c |  13/64 (20.31%)
| Gozi | 188.165.26.166:443 |
| 2017-08-05 18:41:22 | 5a5ac3721a74aa3ff99e678db2fd203c | 13/64 (20.31%)
| Gozi | 188.165.26.166:443 |
| 2017-08-04 15:46:09 | 5c90d5c529749bc1d64268f1aa203c17 | 23/64 (35.94%)
| Gozi | 188.165.26.166:443 |
| 2017-08-04 15:46:09 | 5c90d5c529749bc1d64268f1aa203c17 | 23/64 (35.94%)
| Gozi | 188.165.26.166:443 |
| 2017-08-04 12:56:21 | e8d2e2a7060960ac9b03fdabb37d367f | 7/63 (11.11%)
| Gozi | 188.165.26.166:443 |
| 2017-08-04 12:56:21 | e8d2e2a7060960ac9b03fdabb37d367f | 7/63 (11.11%)
| Gozi | 188.165.26.166:443 |
# of entries: 6 (max: 100)