SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e91c1605801894946c0ee40651cf984884f54cb9.

Database Entry

SHA1 Fingerprint:	e91c1605801894946c0ee40651cf984884f54cb9
Certificate Common Name (CN):	*
Issuer Distinguished Name (DN):	*
TLS Version:	TLS 1.2
First seen:	2018-12-07 01:14:56 UTC
Last seen:	2018-12-07 15:47:05 UTC
Status:	Blacklisted
Listing reason:	Gozi C&C
Listing date:	2018-12-08 09:18:17
Malware samples:	7
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-12-07 15:47:05	c4bcb96edbb1ff96e10c920b11ee0d10	5/70 (7.14%)	Gozi	192.162.244.23:443
2018-12-07 15:47:05	c4bcb96edbb1ff96e10c920b11ee0d10	5/70 (7.14%)	Gozi	192.162.244.23:443
2018-12-07 15:40:23	f51ab2262e79e46b28005d1db0307eb8	5/67 (7.46%)	Gozi	192.162.244.23:443
2018-12-07 15:40:23	f51ab2262e79e46b28005d1db0307eb8	5/67 (7.46%)	Gozi	192.162.244.23:443
2018-12-07 11:03:50	1d3eedd2f3763478f12830dec47d9d38	n/a	Gozi	192.162.244.23:443
2018-12-07 11:03:50	1d3eedd2f3763478f12830dec47d9d38	n/a	Gozi	192.162.244.23:443
2018-12-07 10:54:08	2fab636c97facb9f7685a1d1ee01af80	5/70 (7.14%)	Gozi	192.162.244.23:443
2018-12-07 10:54:08	2fab636c97facb9f7685a1d1ee01af80	5/70 (7.14%)	Gozi	192.162.244.23:443
2018-12-07 10:50:35	2604bf3acb0b6455626ede13426f3ba7	4/67 (5.97%)	Gozi	192.162.244.23:443
2018-12-07 10:50:35	2604bf3acb0b6455626ede13426f3ba7	4/67 (5.97%)	Gozi	192.162.244.23:443
2018-12-07 10:08:55	c01dd82bde54b4a3b4617c691e4bae5f	6/69 (8.70%)	Gozi	192.162.244.23:443
2018-12-07 10:08:55	c01dd82bde54b4a3b4617c691e4bae5f	6/69 (8.70%)	Gozi	192.162.244.23:443
2018-12-07 01:14:56	0b1bdab915aaf05735959aeae151d585	4/70 (5.71%)	Gozi	192.162.244.23:443
2018-12-07 01:14:56	0b1bdab915aaf05735959aeae151d585	4/70 (5.71%)	Gozi	192.162.244.23:443

# of entries: 14 (max: 100)