SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ecedfc674b724569c01c4da4536fd7f8ed60650f.

Database Entry

SHA1 Fingerprint:ecedfc674b724569c01c4da4536fd7f8ed60650f
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2018-10-30 12:50:29 UTC
Last seen:2018-10-30 15:00:06 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-10-30 13:03:02
Malware samples:6
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-10-30 15:00:06a8b207650d647375f55f79dee81cc740Virustotal results 31/56 (55.36%) Gozi 54.39.218.118:443
2018-10-30 15:00:06a8b207650d647375f55f79dee81cc740Virustotal results 31/56 (55.36%) Gozi 54.39.218.118:443
2018-10-30 14:50:04a65260283447e8fe8f9a7b0df1c3c33dVirustotal results 34/68 (50.00%) Gozi 54.39.218.118:443
2018-10-30 14:50:04a65260283447e8fe8f9a7b0df1c3c33dVirustotal results 34/68 (50.00%) Gozi 54.39.218.118:443
2018-10-30 14:07:20f809c910512f7b61bda8735c272f270dVirustotal results 35/68 (51.47%) Gozi 54.39.218.118:443
2018-10-30 14:07:20f809c910512f7b61bda8735c272f270dVirustotal results 35/68 (51.47%) Gozi 54.39.218.118:443
2018-10-30 13:56:500927607d9e104cdff29d428e98b4e4adn/aGozi 54.39.218.118:443
2018-10-30 13:56:500927607d9e104cdff29d428e98b4e4adn/aGozi 54.39.218.118:443
2018-10-30 13:31:130714c38b1f9be1f9e7df3e31e393291an/aGozi 54.39.218.118:443
2018-10-30 13:31:130714c38b1f9be1f9e7df3e31e393291an/aGozi 54.39.218.118:443
2018-10-30 12:50:29335a4051e76dbfa4dc571d13e5a8534en/aGozi 54.39.218.118:443
2018-10-30 12:50:29335a4051e76dbfa4dc571d13e5a8534en/aGozi 54.39.218.118:443

# of entries: 12 (max: 100)