SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e91c1605801894946c0ee40651cf984884f54cb9.

Database Entry


SHA1 Fingerprint:e91c1605801894946c0ee40651cf984884f54cb9
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2018-12-07 01:14:56 UTC
Last seen:2018-12-07 15:47:05 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-12-08 09:18:17
Malware samples:7
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-12-07 15:47:05c4bcb96edbb1ff96e10c920b11ee0d10Virustotal results 5/70 (7.14%) Gozi 192.162.244.23:443
2018-12-07 15:40:23f51ab2262e79e46b28005d1db0307eb8Virustotal results 5/67 (7.46%) Gozi 192.162.244.23:443
2018-12-07 11:03:501d3eedd2f3763478f12830dec47d9d38n/aGozi 192.162.244.23:443
2018-12-07 10:54:082fab636c97facb9f7685a1d1ee01af80Virustotal results 5/70 (7.14%) Gozi 192.162.244.23:443
2018-12-07 10:50:352604bf3acb0b6455626ede13426f3ba7Virustotal results 4/67 (5.97%) Gozi 192.162.244.23:443
2018-12-07 10:08:55c01dd82bde54b4a3b4617c691e4bae5fVirustotal results 6/69 (8.70%) Gozi 192.162.244.23:443
2018-12-07 01:14:560b1bdab915aaf05735959aeae151d585Virustotal results 4/70 (5.71%) Gozi 192.162.244.23:443

# of entries: 7 (max: 100)