SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e1b20d36a9eadd5d88493e4cebfd0aeaa6b27ddc.
Database Entry
| SHA1 Fingerprint: | e1b20d36a9eadd5d88493e4cebfd0aeaa6b27ddc |
|---|---|
| Certificate Common Name (CN): | nickburkholder.pw |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLS 1.2 |
| First seen: | 2019-03-12 16:45:05 UTC |
| Last seen: | 2019-03-12 18:03:51 UTC |
| Status: | Blacklisted |
| Listing reason: | Gozi C&C |
| Listing date: | 2019-03-12 17:05:16 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2019-03-12 18:03:51 | 231d9f68344ec4775d52f3e09b7345af |  19/65 (29.23%)
| Gozi | 194.147.32.148:443 |
| 2019-03-12 18:03:51 | 231d9f68344ec4775d52f3e09b7345af | 19/65 (29.23%)
| Gozi | 194.147.32.148:443 |
| 2019-03-12 17:44:55 | 4dfd64fb5a8fa255dcf3f850817bb9f6 | 19/65 (29.23%)
| Gozi | 194.147.32.148:443 |
| 2019-03-12 17:44:55 | 4dfd64fb5a8fa255dcf3f850817bb9f6 | 19/65 (29.23%)
| Gozi | 194.147.32.148:443 |
| 2019-03-12 16:45:05 | db47987ada39f7fab03f7ebd6c63151d | 21/68 (30.88%)
| Gozi | 194.147.32.148:443 |
| 2019-03-12 16:45:05 | db47987ada39f7fab03f7ebd6c63151d | 21/68 (30.88%)
| Gozi | 194.147.32.148:443 |
# of entries: 6 (max: 100)