SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint aa1ba80505c16939f9e8ecda3aab066351dcb231.
Database Entry
| SHA1 Fingerprint: | aa1ba80505c16939f9e8ecda3aab066351dcb231 |
|---|---|
| Certificate Common Name (CN): | airportmonth.info |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-06-27 10:22:46 UTC |
| Last seen: | 2025-06-30 17:37:14 UTC |
| Status: | Blacklisted |
| Listing reason: | OffLoader C&C |
| Listing date: | 2025-06-28 14:05:25 |
| Malware samples: | 12 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-06-30 17:37:14 | d3926bb1709ef5f19b446d7915d62a69 | n/a | 172.67.170.220:443 | |
| 2025-06-30 17:27:00 | d37c67eab7a7b51873a2da7bf93e3e9d | n/a | 172.67.170.220:443 | |
| 2025-06-29 21:25:16 | 43daf87be89a99c31409e2c9118d52da | n/a | 104.21.28.142:443 | |
| 2025-06-29 14:51:03 | d7040da5373471ed58b50067812d39e9 | n/a | 104.21.28.142:443 | |
| 2025-06-29 03:50:20 | a0223159716e18d48a4b71185edc5b5e | n/a | 172.67.170.220:443 | |
| 2025-06-29 03:40:15 | 8c74f96f699165d4fba80302046683e4 | n/a | 104.21.28.142:443 | |
| 2025-06-29 03:23:45 | 839460e4a4d9f47718609635841c0cfd | n/a | 104.21.28.142:443 | |
| 2025-06-29 03:08:41 | 7ef82ca1907023c2dc1fed490c4f4edf | n/a | 104.21.28.142:443 | |
| 2025-06-27 22:46:50 | 36f981bd3166d77d46c6f910ee20a582 | n/a | 172.67.170.220:443 | |
| 2025-06-27 20:49:26 | 0bff006744b657857b6a51d3d087eb4a | n/a | 104.21.28.142:443 | |
| 2025-06-27 18:39:41 | b80a54349da588a3012afc2b0f1e1804 | n/a | 104.21.28.142:443 | |
| 2025-06-27 10:22:46 | 7f447ef3c552a02f71ac5816d06219d1 | n/a | 172.67.170.220:443 |
# of entries: 12 (max: 100)