SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint aff7e866ddef40f62913695131bead1a55e7ce34.

Database Entry


SHA1 Fingerprint:aff7e866ddef40f62913695131bead1a55e7ce34
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2020-04-28 03:23:50 UTC
Last seen:2020-04-29 08:31:01 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2020-04-29 06:37:46
Malware samples:9
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-04-29 08:31:0134af20b72b4e0a689df39ad00f28b764n/aGozi 185.14.31.168:443
2020-04-29 08:21:04ebe3ce126a5469d28d83746c66a16244Virustotal results 20 / 72 (27.78%) Gozi 185.14.31.168:443
2020-04-29 06:06:554ce147ea2b12b0e5102a68dc7105115en/aGozi 185.14.31.168:443
2020-04-28 20:38:04306a705de2031a06a4ae7db17ab89dd6Virustotal results 19 / 72 (26.39%) Gozi 185.14.31.168:443
2020-04-28 09:53:1514268bba9a05d288edbb0f2a186f2388n/aGozi 185.14.31.168:443
2020-04-28 09:16:16a1a9b45c207906a77c7a0b1361f351bcn/aGozi 185.14.31.168:443
2020-04-28 08:45:1663c96e1d793f2a930d6341a739ef208cn/aGozi 185.14.31.168:443
2020-04-28 06:22:089abadd216c62fb4d9a0958202a9bc59dn/aGozi 185.14.31.168:443
2020-04-28 03:23:509dd6388729108def143f663b6b9165c7Virustotal results 10 / 73 (13.70%) Gozi 185.14.31.168:443

# of entries: 9 (max: 100)