SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint d939155400494051d785fbeae33933f64a2d6cce.

Database Entry

SHA1 Fingerprint:d939155400494051d785fbeae33933f64a2d6cce
Certificate Common Name (CN)
Issuer Distinguished Name (DN):COMODO RSA Domain Validation Secure Server CA
TLS Version:TLS 1.2
First seen:2015-09-10 00:37:53 UTC
Last seen:2015-09-20 17:39:08 UTC
Listing reason:Rovnix C&C
Listing date:2015-09-19 08:30:28
Malware samples:5
Botnet C&Cs:2

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-09-20 17:39:08f8ae4b7e142d0d5fcf445d3ea4e71e5dVirustotal results 9/56 (16.07%) Gozi
2015-09-19 06:13:027660d41996b28503a7813c5381d63ba7Virustotal results 16/56 (28.57%)
2015-09-18 13:22:402bf19f880796985530ef6cf663b0c635Virustotal results 20/57 (35.09%)
2015-09-12 01:47:19dd28d0de3a0be8143253815cc9d7f8acVirustotal results 2/56 (3.57%)
2015-09-10 00:37:531a843d010b3f0549e5a882eef4a3f6c3Virustotal results 3/57 (5.26%)

# of entries: 5 (max: 100)