SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a55847bc3ab92101a7050d07e9d042a2272afd77.

Database Entry

SHA1 Fingerprint:a55847bc3ab92101a7050d07e9d042a2272afd77
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2018-11-22 07:43:17 UTC
Last seen:2018-11-25 12:39:09 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-11-22 10:19:16
Malware samples:19
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-11-25 12:39:092daf8d3dc90b4a639c335ec8c24be95dVirustotal results 35/70 (50.00%) Gozi 95.181.198.233:443
2018-11-25 12:39:092daf8d3dc90b4a639c335ec8c24be95dVirustotal results 35/70 (50.00%) Gozi 95.181.198.233:443
2018-11-25 06:49:405437dd8b20c517907e4a35cab2cdb765Virustotal results 11/70 (15.71%) Gozi 95.181.198.233:443
2018-11-25 06:49:405437dd8b20c517907e4a35cab2cdb765Virustotal results 11/70 (15.71%) Gozi 95.181.198.233:443
2018-11-25 03:03:50ee1dc0760ef95d25f0f8253f2cbba2bcVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-25 03:03:50ee1dc0760ef95d25f0f8253f2cbba2bcVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-25 02:09:337b43749d970d4ef2bd35472797e0fdfbVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-25 02:09:337b43749d970d4ef2bd35472797e0fdfbVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-24 22:24:020924ac55098cdad8c3fbba9b3245beccVirustotal results 11/68 (16.18%) Gozi 95.181.198.233:443
2018-11-24 22:24:020924ac55098cdad8c3fbba9b3245beccVirustotal results 11/68 (16.18%) Gozi 95.181.198.233:443
2018-11-24 18:44:24d4251f29ef682805d91890ab72f6a162Virustotal results 12/70 (17.14%) Gozi 95.181.198.233:443
2018-11-24 18:44:24d4251f29ef682805d91890ab72f6a162Virustotal results 12/70 (17.14%) Gozi 95.181.198.233:443
2018-11-23 16:29:55f8ef7af902e5b6142b7fd1cffe81082fn/aGozi 95.181.198.233:443
2018-11-23 16:29:55f8ef7af902e5b6142b7fd1cffe81082fn/aGozi 95.181.198.233:443
2018-11-22 10:48:07ae7434c7270df7a37ba8715114f0be1fVirustotal results 13/58 (22.41%) Gozi 95.181.198.233:443
2018-11-22 10:48:07ae7434c7270df7a37ba8715114f0be1fVirustotal results 13/58 (22.41%) Gozi 95.181.198.233:443
2018-11-22 10:15:531b45212c9bda0af51b6d6a1464f985e5n/aGozi 95.181.198.233:443
2018-11-22 10:15:531b45212c9bda0af51b6d6a1464f985e5n/aGozi 95.181.198.233:443
2018-11-22 09:45:402baf9375f27c037390d60eef89aefd08n/aGozi 95.181.198.233:443
2018-11-22 09:45:402baf9375f27c037390d60eef89aefd08n/aGozi 95.181.198.233:443
2018-11-22 09:34:55498da922a9c23c42f536e47e7665dc91Virustotal results 44/70 (62.86%) Gozi 95.181.198.233:443
2018-11-22 09:34:55498da922a9c23c42f536e47e7665dc91Virustotal results 44/70 (62.86%) Gozi 95.181.198.233:443
2018-11-22 09:20:1393b47a0766e48dff25d892d8d279ab6bVirustotal results 13/69 (18.84%) Gozi 95.181.198.233:443
2018-11-22 09:20:1393b47a0766e48dff25d892d8d279ab6bVirustotal results 13/69 (18.84%) Gozi 95.181.198.233:443
2018-11-22 09:11:5932a7f6cafd2ab9e8a99eb1a70738ab0bVirustotal results 7/67 (10.45%) Gozi 95.181.198.233:443
2018-11-22 09:11:5932a7f6cafd2ab9e8a99eb1a70738ab0bVirustotal results 7/67 (10.45%) Gozi 95.181.198.233:443
2018-11-22 09:08:5936b976d3d1143414287fd1ddda05ecf9Virustotal results 7/68 (10.29%) Gozi 95.181.198.233:443
2018-11-22 09:08:5936b976d3d1143414287fd1ddda05ecf9Virustotal results 7/68 (10.29%) Gozi 95.181.198.233:443
2018-11-22 09:06:011f4a8fe49ac862ec0c913e4820c5b04cVirustotal results 7/69 (10.14%) Gozi 95.181.198.233:443
2018-11-22 09:06:011f4a8fe49ac862ec0c913e4820c5b04cVirustotal results 7/69 (10.14%) Gozi 95.181.198.233:443
2018-11-22 09:04:251e510a1879dc41270f5d391fa6f82846Virustotal results 39/69 (56.52%) Gozi 95.181.198.233:443
2018-11-22 09:04:251e510a1879dc41270f5d391fa6f82846Virustotal results 39/69 (56.52%) Gozi 95.181.198.233:443
2018-11-22 09:04:06edc301b74228e65e293e4a18f744d15aVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-22 09:04:06edc301b74228e65e293e4a18f744d15aVirustotal results 12/69 (17.39%) Gozi 95.181.198.233:443
2018-11-22 08:53:18a5afd3987613ed3a99e9d81e98a3e85dn/aGozi 95.181.198.233:443
2018-11-22 08:53:18a5afd3987613ed3a99e9d81e98a3e85dn/aGozi 95.181.198.233:443
2018-11-22 07:43:17db35c776a335d05f4ca4e5c5e6f6fb39Virustotal results 15/59 (25.42%) Gozi 95.181.198.233:443
2018-11-22 07:43:17db35c776a335d05f4ca4e5c5e6f6fb39Virustotal results 15/59 (25.42%) Gozi 95.181.198.233:443

# of entries: 38 (max: 100)