SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint cdb0cd3b9ba771e95c696437253c260479dc4cd3.
Database Entry
| SHA1 Fingerprint: | cdb0cd3b9ba771e95c696437253c260479dc4cd3 |
|---|---|
| Certificate Common Name (CN): | rittcirhicene.com |
| Issuer Distinguished Name (DN): | Amazon |
| TLS Version: | TLS 1.2 |
| First seen: | 2020-02-07 09:13:38 UTC |
| Last seen: | 2020-04-09 22:46:31 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2020-03-11 14:30:38 |
| Malware samples: | 3 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2020-04-09 22:46:31 | 63ff15929e2e9d186347f4b64175ff5c |  6 / 70 (8.57%)
| 143.204.201.33:443 | |
| 2020-04-09 22:46:31 | 63ff15929e2e9d186347f4b64175ff5c | 6 / 70 (8.57%)
| 143.204.201.33:443 | |
| 2020-03-11 09:09:35 | 19e2a5147a80e886fdd8c5bc6a5a0825 | 16 / 72 (22.22%)
| Gozi | 13.224.102.128:443 |
| 2020-03-11 09:09:35 | 19e2a5147a80e886fdd8c5bc6a5a0825 | 16 / 72 (22.22%)
| Gozi | 13.224.102.128:443 |
| 2020-02-07 09:13:39 | b495aac299940dc4d630a2b18806e159 | 10 / 71 (14.08%)
| 13.225.78.77:443 | |
| 2020-02-07 09:13:39 | b495aac299940dc4d630a2b18806e159 | 10 / 71 (14.08%)
| 13.225.78.77:443 |
# of entries: 6 (max: 100)