SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint eafd09fc5bdc3676676f6a0ceed19190ad18497c.

Database Entry

SHA1 Fingerprint:eafd09fc5bdc3676676f6a0ceed19190ad18497c
Certificate Common Name (CN):lidesignexpo.com
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2020-03-27 15:10:04 UTC
Last seen:2020-03-28 13:04:26 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2020-03-27 16:02:21
Malware samples:18
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-03-28 13:04:26a277824a7300cb32c676fb2f7627049bVirustotal results 45 / 73 (61.64%) Gozi 176.32.35.108:443
2020-03-28 13:04:26a277824a7300cb32c676fb2f7627049bVirustotal results 45 / 73 (61.64%) Gozi 176.32.35.108:443
2020-03-28 08:57:5548a1a62a2c48322620a3426503148ff6Virustotal results 35 / 73 (47.95%) Gozi 176.32.35.108:443
2020-03-28 08:57:5548a1a62a2c48322620a3426503148ff6Virustotal results 35 / 73 (47.95%) Gozi 176.32.35.108:443
2020-03-28 07:46:363f8b78605a8a5eb0e66b6f27f35048bfn/aGozi 176.32.35.108:443
2020-03-28 07:46:363f8b78605a8a5eb0e66b6f27f35048bfn/aGozi 176.32.35.108:443
2020-03-28 07:34:38e43153c11121bc08e99a822feb22af07n/aGozi 176.32.35.108:443
2020-03-28 07:34:38e43153c11121bc08e99a822feb22af07n/aGozi 176.32.35.108:443
2020-03-28 07:00:56bdc74698b4e279b4d57cae47f4fcf67eVirustotal results 33 / 71 (46.48%) Gozi 176.32.35.108:443
2020-03-28 07:00:56bdc74698b4e279b4d57cae47f4fcf67eVirustotal results 33 / 71 (46.48%) Gozi 176.32.35.108:443
2020-03-28 05:53:16762062b3e888c4e5eeecb1dec41fe263n/aGozi 176.32.35.108:443
2020-03-28 05:53:16762062b3e888c4e5eeecb1dec41fe263n/aGozi 176.32.35.108:443
2020-03-28 05:16:141197348d18f95f78f8e4a59575e31cc5n/aGozi 176.32.35.108:443
2020-03-28 05:16:141197348d18f95f78f8e4a59575e31cc5n/aGozi 176.32.35.108:443
2020-03-28 03:19:22219876d37224c140ab47d5ff144c4f2en/aGozi 176.32.35.108:443
2020-03-28 03:19:22219876d37224c140ab47d5ff144c4f2en/aGozi 176.32.35.108:443
2020-03-27 22:03:43e53009dd07d630030b4c1e04d558bf0an/aGozi 176.32.35.108:443
2020-03-27 22:03:43e53009dd07d630030b4c1e04d558bf0an/aGozi 176.32.35.108:443
2020-03-27 19:54:48b114ac0148470aa268b41f83ef4e7678n/aGozi 176.32.35.108:443
2020-03-27 19:54:48b114ac0148470aa268b41f83ef4e7678n/aGozi 176.32.35.108:443
2020-03-27 18:02:505447f9d94df22237ba8399e9951a2ae9n/aGozi 176.32.35.108:443
2020-03-27 18:02:505447f9d94df22237ba8399e9951a2ae9n/aGozi 176.32.35.108:443
2020-03-27 17:48:16cfcedd46c9202540aa1a2529eb1cd28dn/aGozi 176.32.35.108:443
2020-03-27 17:48:16cfcedd46c9202540aa1a2529eb1cd28dn/aGozi 176.32.35.108:443
2020-03-27 17:22:40e6b4ec06bf8d709f665a3fe4e4c2572bn/aGozi 176.32.35.108:443
2020-03-27 17:22:40e6b4ec06bf8d709f665a3fe4e4c2572bn/aGozi 176.32.35.108:443
2020-03-27 16:51:48493ec47f0e69fbb5f38590b669f73343Virustotal results 31 / 72 (43.06%) Gozi 176.32.35.108:443
2020-03-27 16:51:48493ec47f0e69fbb5f38590b669f73343Virustotal results 31 / 72 (43.06%) Gozi 176.32.35.108:443
2020-03-27 16:48:36ce45399b9b38e0a68b2307532f316f34n/aGozi 176.32.35.108:443
2020-03-27 16:48:36ce45399b9b38e0a68b2307532f316f34n/aGozi 176.32.35.108:443
2020-03-27 16:25:30478724fa4f40947b7f48727bf8e14108n/aGozi 176.32.35.108:443
2020-03-27 16:25:30478724fa4f40947b7f48727bf8e14108n/aGozi 176.32.35.108:443
2020-03-27 15:26:26973bd65cdcb0a5a2979f8174b06bf009n/aGozi 176.32.35.108:443
2020-03-27 15:26:26973bd65cdcb0a5a2979f8174b06bf009n/aGozi 176.32.35.108:443
2020-03-27 15:10:04442dfea2c6f660300cdef8efc2125cefn/aGozi 176.32.35.108:443
2020-03-27 15:10:04442dfea2c6f660300cdef8efc2125cefn/aGozi 176.32.35.108:443

# of entries: 36 (max: 100)