SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ba66b8103d8fa5c30eb64649bd24cfcb0893bf37.
Database Entry
| SHA1 Fingerprint: | ba66b8103d8fa5c30eb64649bd24cfcb0893bf37 |
|---|---|
| Certificate Common Name (CN): | * |
| Issuer Distinguished Name (DN): | * |
| TLS Version: | TLS 1.2 |
| First seen: | 2018-10-23 12:45:13 UTC |
| Last seen: | 2018-10-29 10:57:50 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2018-10-29 08:22:22 |
| Malware samples: | 85 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2018-10-29 10:57:50 | dbef8d7f59a0047f4493288afe296399 |  39/67 (58.21%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 10:57:50 | dbef8d7f59a0047f4493288afe296399 | 39/67 (58.21%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 10:25:51 | 51bdb789c33e403b71d1dabbf7e8e97b | 40/66 (60.61%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 10:25:51 | 51bdb789c33e403b71d1dabbf7e8e97b | 40/66 (60.61%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 05:08:21 | 5c92445dc18a68bccaa5283c26e6f979 | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 05:08:21 | 5c92445dc18a68bccaa5283c26e6f979 | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 00:43:13 | 7d8dac2009c4adf655f2fbb6a4e7f2a0 | 40/67 (59.70%)
| Gozi | 54.39.81.120:443 |
| 2018-10-29 00:43:13 | 7d8dac2009c4adf655f2fbb6a4e7f2a0 | 40/67 (59.70%)
| Gozi | 54.39.81.120:443 |
| 2018-10-28 23:34:28 | 5684676c9594bb9e1a8d4036be924ac5 | 40/68 (58.82%)
| Gozi | 54.39.81.120:443 |
| 2018-10-28 23:34:28 | 5684676c9594bb9e1a8d4036be924ac5 | 40/68 (58.82%)
| Gozi | 54.39.81.120:443 |
| 2018-10-26 17:21:36 | ed8ece4d9c7cade5ffd2d2256f9af7cc | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-26 17:21:36 | ed8ece4d9c7cade5ffd2d2256f9af7cc | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-26 13:49:56 | 07a9a307b46d064570cef34cf4e8cb28 | 37/59 (62.71%)
| Gozi | 54.39.81.120:443 |
| 2018-10-26 13:49:56 | 07a9a307b46d064570cef34cf4e8cb28 | 37/59 (62.71%)
| Gozi | 54.39.81.120:443 |
| 2018-10-26 08:48:19 | 5709ac4c61f9c1119d6a4ff24deaac6c | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-26 08:48:19 | 5709ac4c61f9c1119d6a4ff24deaac6c | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-25 13:27:52 | c13db2a62c93439c51b9746df496dd94 | 38/68 (55.88%)
| Gozi | 54.39.81.120:443 |
| 2018-10-25 13:27:52 | c13db2a62c93439c51b9746df496dd94 | 38/68 (55.88%)
| Gozi | 54.39.81.120:443 |
| 2018-10-25 12:36:41 | 2870f6814286e3cf823cf401017e944a | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-25 12:36:41 | 2870f6814286e3cf823cf401017e944a | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-25 08:43:49 | c644cee99ee75394621a7a53689d83d0 | 36/68 (52.94%)
| Gozi | 54.39.81.120:443 |
| 2018-10-25 08:43:49 | c644cee99ee75394621a7a53689d83d0 | 36/68 (52.94%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 22:21:19 | 8e6e9b54c9dd04ab6c1788819ec38a3d | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 22:21:19 | 8e6e9b54c9dd04ab6c1788819ec38a3d | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 20:47:54 | c35e275f852c23c54e854efe03bb6893 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 20:47:54 | c35e275f852c23c54e854efe03bb6893 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 19:40:01 | 9ba75f8286079f783a68ea6b32e2e041 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 19:40:01 | 9ba75f8286079f783a68ea6b32e2e041 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 19:15:22 | 0a89bebbfd22e752575ee54ebeb4fff0 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 19:15:22 | 0a89bebbfd22e752575ee54ebeb4fff0 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 19:12:59 | 07b842a783a7682f7b2735083b2e9a23 | 47/67 (70.15%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 19:12:59 | 07b842a783a7682f7b2735083b2e9a23 | 47/67 (70.15%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 17:07:54 | 2a1283dddbb86e070106018358d07e00 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 17:07:54 | 2a1283dddbb86e070106018358d07e00 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 17:06:14 | 92ecf3a589d31562258dce635e965dd9 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 17:06:14 | 92ecf3a589d31562258dce635e965dd9 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 16:30:46 | 861e4887baff7f19600257e77db60fa6 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 16:30:46 | 861e4887baff7f19600257e77db60fa6 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 15:30:52 | 657273c02bd9416e88afac22c1e3abe6 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 15:30:52 | 657273c02bd9416e88afac22c1e3abe6 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 15:28:38 | 0bfacd40a063994c96eb0828b7c0de1d | 40/67 (59.70%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 15:28:38 | 0bfacd40a063994c96eb0828b7c0de1d | 40/67 (59.70%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 15:25:00 | 7ea846d6ef9b390464c1d5e7e4b18c06 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 15:25:00 | 7ea846d6ef9b390464c1d5e7e4b18c06 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 15:09:02 | 0afa81ca59fd41c22fa2f280a08c1131 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 15:09:02 | 0afa81ca59fd41c22fa2f280a08c1131 | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 14:16:11 | 7d25c08eda7e5936c7779c7918336362 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 14:16:11 | 7d25c08eda7e5936c7779c7918336362 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 13:37:27 | c78e0c7675fdc489e8190b0c74c5cabb | 35/68 (51.47%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 13:37:27 | c78e0c7675fdc489e8190b0c74c5cabb | 35/68 (51.47%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 13:32:52 | dd543b4f52282753aa51f789dfa6be36 | 36/69 (52.17%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 13:32:52 | dd543b4f52282753aa51f789dfa6be36 | 36/69 (52.17%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 12:47:42 | 7ef633ed257755ef59ed75de61d5e6c4 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 12:47:42 | 7ef633ed257755ef59ed75de61d5e6c4 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 12:33:45 | 951c01f5190ad1ff819664a975e772a8 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 12:33:45 | 951c01f5190ad1ff819664a975e772a8 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 12:32:09 | 0860842b566151ffbd57a2825ed95a9f | 36/67 (53.73%)
| Formbook | 54.39.81.120:443 |
| 2018-10-24 12:32:09 | 0860842b566151ffbd57a2825ed95a9f | 36/67 (53.73%)
| Formbook | 54.39.81.120:443 |
| 2018-10-24 12:17:04 | 316f362430c98366d3060aa6b1f13379 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 12:17:04 | 316f362430c98366d3060aa6b1f13379 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 11:56:20 | 1cbf81ceeab2e67734f4a88bc61ecbd8 | 49/67 (73.13%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:56:20 | 1cbf81ceeab2e67734f4a88bc61ecbd8 | 49/67 (73.13%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:45:35 | e8f6d1428be454a997d9427c2030847a | 35/67 (52.24%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:45:35 | e8f6d1428be454a997d9427c2030847a | 35/67 (52.24%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:42:16 | d1f5845ac8a530e3bb181fda1766cdc2 | 36/68 (52.94%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:42:16 | d1f5845ac8a530e3bb181fda1766cdc2 | 36/68 (52.94%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:23:57 | e55a5a92b6885abeb2cdffaf27c4fa7e | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:23:57 | e55a5a92b6885abeb2cdffaf27c4fa7e | 37/68 (54.41%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:19:09 | ded79567634af4e74a70a2caf7cfffcc | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:19:09 | ded79567634af4e74a70a2caf7cfffcc | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:13:44 | 7f6c03be742176acff32dcae1bbb0445 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 11:13:44 | 7f6c03be742176acff32dcae1bbb0445 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 11:04:29 | b4bcb8056f054b90676b3d4a6188fbd0 | 35/66 (53.03%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 11:04:29 | b4bcb8056f054b90676b3d4a6188fbd0 | 35/66 (53.03%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 10:56:24 | 7892913b2e18d2e6b52f5fe313d096bd | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 10:56:24 | 7892913b2e18d2e6b52f5fe313d096bd | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 10:39:32 | 5056c081d29b2dbed3cd9c4ebb29dec3 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 10:39:32 | 5056c081d29b2dbed3cd9c4ebb29dec3 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 10:31:06 | 038d317798b88fca5923b496dd4d2089 | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 10:31:06 | 038d317798b88fca5923b496dd4d2089 | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:49:20 | dc03591a124dd2c70ae063320ca8af40 | 37/67 (55.22%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:49:20 | dc03591a124dd2c70ae063320ca8af40 | 37/67 (55.22%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:31:54 | d6df2e42ddb72697fa0cb0d2d964ac8b | 35/69 (50.72%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:31:54 | d6df2e42ddb72697fa0cb0d2d964ac8b | 35/69 (50.72%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:16:55 | b1f1cb98089eda75deb0ecf30f6c420f | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 09:16:55 | b1f1cb98089eda75deb0ecf30f6c420f | 36/67 (53.73%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 08:59:52 | 227bf403a2990dd20a43bc001dc0d42b | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:59:52 | 227bf403a2990dd20a43bc001dc0d42b | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:54:39 | 4721a1e4222f14643749e157bf8dd479 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:54:39 | 4721a1e4222f14643749e157bf8dd479 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:43:59 | 9050a6dcbccabefc7dccbd785b1a4ef3 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:43:59 | 9050a6dcbccabefc7dccbd785b1a4ef3 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:37:09 | d117c3c893b7cbb7e082dc2eda4af11b | 37/66 (56.06%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 08:37:09 | d117c3c893b7cbb7e082dc2eda4af11b | 37/66 (56.06%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 08:20:23 | 7b26c85dcf8228530db89ca6bad2e37b | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:20:23 | 7b26c85dcf8228530db89ca6bad2e37b | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:02:38 | 38a50f3a98af1beaf0143f21786fac12 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 08:02:38 | 38a50f3a98af1beaf0143f21786fac12 | n/a | Gozi | 54.39.81.120:443 |
| 2018-10-24 07:53:51 | f8b323d6ed745c209ea71a1aea1e6b84 | 36/66 (54.55%)
| Gozi | 54.39.81.120:443 |
| 2018-10-24 07:53:51 | f8b323d6ed745c209ea71a1aea1e6b84 | 36/66 (54.55%)
| Gozi | 54.39.81.120:443 |
# of entries: 100 (max: 100)