SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint cb9097e27d1c16ff6d0574c2cce0fc0d066f0f8d.

Database Entry

SHA1 Fingerprint:	cb9097e27d1c16ff6d0574c2cce0fc0d066f0f8d
Certificate Common Name (CN):	tdsjsext6.com
Issuer Distinguished Name (DN):	R3
TLS Version:	TLS 1.2
First seen:	2021-05-23 11:52:44 UTC
Last seen:	2021-05-24 13:13:00 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2021-05-23 14:10:44
Malware samples:	31
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2021-05-24 13:13:00	027dd4c8bd3a8e4a6d23f63fcfffe892	n/a	Gozi	185.50.248.49:443
2021-05-24 13:13:00	027dd4c8bd3a8e4a6d23f63fcfffe892	n/a	Gozi	185.50.248.49:443
2021-05-24 12:43:22	9f86a41f3ffda0f740f3b2328077d45d	n/a	Gozi	185.50.248.49:443
2021-05-24 12:43:22	9f86a41f3ffda0f740f3b2328077d45d	n/a	Gozi	185.50.248.49:443
2021-05-24 10:38:25	b311f435f47825807eed0e54e0338670	n/a	Gozi	185.50.248.49:443
2021-05-24 10:38:25	b311f435f47825807eed0e54e0338670	n/a	Gozi	185.50.248.49:443
2021-05-24 10:28:33	69472b10d51de57775b06fdd0ea739b8	n/a	Gozi	185.50.248.49:443
2021-05-24 10:28:33	69472b10d51de57775b06fdd0ea739b8	n/a	Gozi	185.50.248.49:443
2021-05-24 10:02:10	5715030231a6ac6c946b4461d6c91032	n/a	Gozi	185.50.248.49:443
2021-05-24 10:02:10	5715030231a6ac6c946b4461d6c91032	n/a	Gozi	185.50.248.49:443
2021-05-24 09:21:00	c53084052c1175f6d771a12b60bae37d	n/a	Gozi	185.50.248.49:443
2021-05-24 09:21:00	c53084052c1175f6d771a12b60bae37d	n/a	Gozi	185.50.248.49:443
2021-05-24 08:47:10	ed650e426f8b0cfe77305db27a7524a3	n/a	Gozi	185.50.248.49:443
2021-05-24 08:47:10	ed650e426f8b0cfe77305db27a7524a3	n/a	Gozi	185.50.248.49:443
2021-05-24 07:49:39	f7dae384523150e82b4fa607d0288554	n/a	Gozi	185.50.248.49:443
2021-05-24 07:49:39	f7dae384523150e82b4fa607d0288554	n/a	Gozi	185.50.248.49:443
2021-05-24 07:26:16	f5aaebd0d574e7bcf5bcee9e9d4a82be	n/a	Gozi	185.50.248.49:443
2021-05-24 07:26:16	f5aaebd0d574e7bcf5bcee9e9d4a82be	n/a	Gozi	185.50.248.49:443
2021-05-24 06:53:08	e8a3c694fc39f2fc11cc98a039092d9c	n/a	Gozi	185.50.248.49:443
2021-05-24 06:53:08	e8a3c694fc39f2fc11cc98a039092d9c	n/a	Gozi	185.50.248.49:443
2021-05-24 06:32:17	0503fec93d7e4902e9e2de90ba2d70fc	n/a	Gozi	185.50.248.49:443
2021-05-24 06:32:17	0503fec93d7e4902e9e2de90ba2d70fc	n/a	Gozi	185.50.248.49:443
2021-05-24 05:47:46	34e3dec3c347c0f8882af6bf35dc6053	n/a	Gozi	185.50.248.49:443
2021-05-24 05:47:46	34e3dec3c347c0f8882af6bf35dc6053	n/a	Gozi	185.50.248.49:443
2021-05-24 05:26:06	051265a9bf890f1963b95b45cff85a70	n/a	Gozi	185.50.248.49:443
2021-05-24 05:26:06	051265a9bf890f1963b95b45cff85a70	n/a	Gozi	185.50.248.49:443
2021-05-24 04:24:32	526b7faa3b330ec7390cfd501504e7ec	n/a	Gozi	185.50.248.49:443
2021-05-24 04:24:32	526b7faa3b330ec7390cfd501504e7ec	n/a	Gozi	185.50.248.49:443
2021-05-24 03:58:09	5172c1fa183a05af6e61824cc537a16f	n/a	Gozi	185.50.248.49:443
2021-05-24 03:58:09	5172c1fa183a05af6e61824cc537a16f	n/a	Gozi	185.50.248.49:443
2021-05-24 02:31:14	aa0504acb9d1ae967323137832275849	n/a	Gozi	185.50.248.49:443
2021-05-24 02:31:14	aa0504acb9d1ae967323137832275849	n/a	Gozi	185.50.248.49:443
2021-05-24 02:06:11	ef1bbe7c50300026f38483c39d400384	n/a	Gozi	185.50.248.49:443
2021-05-24 02:06:11	ef1bbe7c50300026f38483c39d400384	n/a	Gozi	185.50.248.49:443
2021-05-24 01:46:02	6f3ea32d08f95a30263a01da09082c4b	n/a	Gozi	185.50.248.49:443
2021-05-24 01:46:02	6f3ea32d08f95a30263a01da09082c4b	n/a	Gozi	185.50.248.49:443
2021-05-24 01:33:24	e4f8503f3a496c4a4ba0cc59a9d395cc	n/a	Gozi	185.50.248.49:443
2021-05-24 01:33:24	e4f8503f3a496c4a4ba0cc59a9d395cc	n/a	Gozi	185.50.248.49:443
2021-05-24 01:32:53	d99def97b28d3a8be5a355f94467e21f	n/a	Gozi	185.50.248.49:443
2021-05-24 01:32:53	d99def97b28d3a8be5a355f94467e21f	n/a	Gozi	185.50.248.49:443
2021-05-24 01:30:16	aa00eb9458ddbbb663eb66ee80dbedc5	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-24 01:30:16	aa00eb9458ddbbb663eb66ee80dbedc5	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-24 01:29:46	713e16108deabb13d773ce36f5dc002c	39 / 69 (56.52%)	Gozi	185.50.248.49:443
2021-05-24 01:29:46	713e16108deabb13d773ce36f5dc002c	39 / 69 (56.52%)	Gozi	185.50.248.49:443
2021-05-24 01:27:51	3bd0a0df4b002da98fe56f89c982b16c	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-24 01:27:51	3bd0a0df4b002da98fe56f89c982b16c	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-24 01:25:45	492076d2d0e123d67a38e65ad5aaee6a	40 / 69 (57.97%)	Gozi	185.50.248.49:443
2021-05-24 01:25:45	492076d2d0e123d67a38e65ad5aaee6a	40 / 69 (57.97%)	Gozi	185.50.248.49:443
2021-05-23 19:28:36	03c3428647fab84180e189042b6c85e5	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-23 19:28:36	03c3428647fab84180e189042b6c85e5	37 / 69 (53.62%)	Gozi	185.50.248.49:443
2021-05-23 15:41:24	b45181979facd5485184f32a5045d637	n/a	Gozi	185.50.248.49:443
2021-05-23 15:41:24	b45181979facd5485184f32a5045d637	n/a	Gozi	185.50.248.49:443
2021-05-23 14:46:16	2348dd9b6f9f9e98305c239412278190	n/a	Gozi	185.50.248.49:443
2021-05-23 14:46:16	2348dd9b6f9f9e98305c239412278190	n/a	Gozi	185.50.248.49:443
2021-05-23 14:07:51	1da0601d46dd56e2cfff320376dcf6d9	n/a	Gozi	185.50.248.49:443
2021-05-23 14:07:51	1da0601d46dd56e2cfff320376dcf6d9	n/a	Gozi	185.50.248.49:443
2021-05-23 13:36:04	9fcf3ab8703045032737668793f5563b	n/a	Gozi	185.50.248.49:443
2021-05-23 13:36:04	9fcf3ab8703045032737668793f5563b	n/a	Gozi	185.50.248.49:443
2021-05-23 13:30:00	06b71339cf8eae41cddbdef17e4dba9f	n/a	Gozi	185.50.248.49:443
2021-05-23 13:30:00	06b71339cf8eae41cddbdef17e4dba9f	n/a	Gozi	185.50.248.49:443
2021-05-23 11:52:44	9d20ef32ffa9b3efbca81407fec42a78	n/a	Gozi	185.50.248.49:443
2021-05-23 11:52:44	9d20ef32ffa9b3efbca81407fec42a78	n/a	Gozi	185.50.248.49:443

# of entries: 62 (max: 100)