JA3 Fingerprints
You can find further information about the JA3 fingerprint 1fe4c7a3544eb27afec2adfb3a3dbf60, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 1fe4c7a3544eb27afec2adfb3a3dbf60 |
|---|---|
| First seen: | 2018-03-11 19:23:08 UTC |
| Last seen: | 2021-08-09 11:42:58 UTC |
| Status: | Blacklisted |
| Malware samples: | 5'962 |
| Destination IPs: | 784 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:18:54 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2022-01-16 08:04:19 | a7799950c8cf984ecee9126898d2a757 | n/a | 172.217.168.35:443 |
| 2022-01-16 08:04:19 | a7799950c8cf984ecee9126898d2a757 | n/a | 142.250.203.99:443 |
| 2022-01-16 08:04:18 | a7799950c8cf984ecee9126898d2a757 | n/a | 172.217.168.36:443 |
| 2022-01-16 07:43:34 | ce43bbce4d2a07c3e0ca4676b69089be | n/a | 216.58.208.100:443 |
| 2022-01-16 07:43:34 | ce43bbce4d2a07c3e0ca4676b69089be | n/a | 142.251.36.35:443 |
| 2022-01-16 07:42:56 | d0f8d5b1c879d4b98d73f8b584170a03 | n/a | 172.217.168.3:443 |
| 2022-01-16 07:42:56 | d0f8d5b1c879d4b98d73f8b584170a03 | n/a | 172.217.168.36:443 |
| 2022-01-16 07:42:56 | d0f8d5b1c879d4b98d73f8b584170a03 | n/a | 172.217.168.35:443 |
| 2022-01-16 07:41:35 | bea2a3bd3d2d9f3185d1bae41e89acef | n/a | 142.251.36.35:443 |
| 2022-01-16 07:41:35 | bea2a3bd3d2d9f3185d1bae41e89acef | n/a | 216.58.208.100:443 |
| 2022-01-16 07:41:34 | bea2a3bd3d2d9f3185d1bae41e89acef | n/a | 142.251.39.99:443 |
| 2022-01-16 07:38:50 | 2ef02102394e27bfda910614d878eb8d | n/a | 142.251.39.99:443 |
| 2022-01-16 07:38:49 | 2ef02102394e27bfda910614d878eb8d | n/a | 216.58.208.100:443 |
| 2022-01-16 07:38:49 | 2ef02102394e27bfda910614d878eb8d | n/a | 142.251.36.35:443 |
| 2022-01-16 07:38:10 | 67c00059ef98f80999abf104f32de848 | n/a | 142.251.36.35:443 |
| 2022-01-16 07:38:10 | 67c00059ef98f80999abf104f32de848 | n/a | 216.58.208.100:443 |
| 2022-01-16 07:34:23 | 19e555befb11569fd128fe927ebde249 | n/a | 172.217.168.68:443 |
| 2022-01-16 07:34:22 | 19e555befb11569fd128fe927ebde249 | n/a | 172.217.168.67:443 |
| 2022-01-16 07:30:26 | 04edc1a4f38600721597fcba731bc13c |  22 / 68 (32.35%)
| 142.250.72.132:443 |
| 2022-01-16 07:30:26 | 04edc1a4f38600721597fcba731bc13c | 22 / 68 (32.35%)
| 142.250.72.227:443 |
| 2022-01-16 07:14:10 | b546198962df7dd79a15d5034b8ac939 | 43 / 68 (63.24%)
| 142.250.203.100:443 |
| 2022-01-16 07:14:10 | b546198962df7dd79a15d5034b8ac939 | 43 / 68 (63.24%)
| 172.217.168.67:443 |
| 2022-01-15 23:19:51 | a64ce58908a175d314d6f36d8ac9c955 | 44 / 69 (63.77%)
| 142.250.72.164:443 |
| 2022-01-15 23:19:50 | a64ce58908a175d314d6f36d8ac9c955 | 44 / 69 (63.77%)
| 142.250.68.3:443 |
| 2022-01-15 23:08:00 | a0d4e86ba741384c5cc4ec2600c99a0c | 42 / 66 (63.64%)
| 172.217.168.35:443 |
| 2022-01-15 23:07:58 | a0d4e86ba741384c5cc4ec2600c99a0c | 42 / 66 (63.64%)
| 142.250.203.100:443 |
| 2022-01-15 20:38:04 | 059eac08e725f1a2805e6710dc33fb9e | n/a | 142.250.203.99:443 |
| 2022-01-15 20:38:04 | 059eac08e725f1a2805e6710dc33fb9e | n/a | 172.217.168.68:443 |
| 2022-01-15 18:39:31 | 395780bd658008430d6acee8d73c7c0b | n/a | 172.217.168.35:443 |
| 2022-01-15 18:39:30 | 395780bd658008430d6acee8d73c7c0b | n/a | 172.217.168.36:443 |
| 2022-01-15 17:50:14 | a30843f5237da109808ecb8a5f811d4b | 24 / 68 (35.29%)
| 216.58.208.99:443 |
| 2022-01-15 17:50:13 | a30843f5237da109808ecb8a5f811d4b | 24 / 68 (35.29%)
| 216.58.208.100:443 |
| 2022-01-15 17:05:38 | 46a70d5d3e3c0c8ad531b1e0bd9f3dba | n/a | 216.58.208.100:443 |
| 2022-01-15 17:05:38 | 46a70d5d3e3c0c8ad531b1e0bd9f3dba | n/a | 142.250.179.131:443 |
| 2022-01-15 16:55:21 | e08672b54462cbad38ebc4eef207318b | n/a | 142.250.186.99:443 |
| 2022-01-15 16:55:21 | e08672b54462cbad38ebc4eef207318b | n/a | 142.250.186.100:443 |
| 2022-01-15 16:55:21 | e08672b54462cbad38ebc4eef207318b | n/a | 142.250.185.196:443 |
| 2022-01-15 02:02:06 | b0fd43e46f24f83d04adc5fc563e21a2 | 44 / 68 (64.71%)
| 142.250.179.131:443 |
| 2022-01-15 02:02:06 | b0fd43e46f24f83d04adc5fc563e21a2 | 44 / 68 (64.71%)
| 216.58.208.100:443 |
| 2022-01-14 16:28:03 | 5ec0c55af962630debef76632458fe3d | n/a | 172.217.168.3:443 |
| 2022-01-14 16:28:03 | 5ec0c55af962630debef76632458fe3d | n/a | 216.58.215.228:443 |
| 2022-01-14 16:28:03 | 5ec0c55af962630debef76632458fe3d | n/a | 216.58.215.227:443 |
| 2022-01-14 13:45:56 | e797addbd37d8a1e7b8df3b50b426f2f | n/a | 142.250.188.227:443 |
| 2022-01-14 13:45:55 | e797addbd37d8a1e7b8df3b50b426f2f | n/a | 142.250.72.164:443 |
| 2022-01-14 13:18:11 | 50badd524b2e3faf0ff050dd5be8a584 | n/a | 172.217.168.67:443 |
| 2022-01-14 13:18:11 | 50badd524b2e3faf0ff050dd5be8a584 | n/a | 216.58.215.227:443 |
| 2022-01-14 13:18:11 | 50badd524b2e3faf0ff050dd5be8a584 | n/a | 172.217.168.4:443 |
| 2022-01-14 12:00:29 | ab2bd639bd6deed5786448002a6945e9 | n/a | 172.217.168.4:443 |
| 2022-01-14 12:00:29 | ab2bd639bd6deed5786448002a6945e9 | n/a | 172.217.168.35:443 |
| 2022-01-14 11:07:23 | e4b33586bfdb5a9cd45f3038b8f4ccbd | n/a | 142.250.72.164:443 |
| 2022-01-14 11:07:23 | e4b33586bfdb5a9cd45f3038b8f4ccbd | n/a | 142.250.68.3:443 |
| 2022-01-14 11:07:22 | e4b33586bfdb5a9cd45f3038b8f4ccbd | n/a | 142.250.72.227:443 |
| 2022-01-14 10:14:40 | 7c64bd730b6c9565f287278834a33618 | n/a | 172.217.168.35:443 |
| 2022-01-14 05:19:24 | 2d03728d8cc5c7ff0fb9f70de3292cd4 | n/a | 172.217.168.68:443 |
| 2022-01-14 05:19:24 | 2d03728d8cc5c7ff0fb9f70de3292cd4 | n/a | 172.217.168.67:443 |
| 2022-01-13 08:06:45 | c5ec54543105c64135c181b7a7283658 | n/a | 172.217.168.67:443 |
| 2022-01-13 08:06:45 | c5ec54543105c64135c181b7a7283658 | n/a | 172.217.168.68:443 |
| 2022-01-13 08:06:44 | c5ec54543105c64135c181b7a7283658 | n/a | 172.217.168.3:443 |
| 2022-01-13 08:02:04 | 95356994b2a28586786855d158676289 | n/a | 142.251.39.99:443 |
| 2022-01-13 08:02:04 | 95356994b2a28586786855d158676289 | n/a | 216.58.208.100:443 |
| 2022-01-13 07:36:08 | 26533d1123c26472c3db654ef0791148 | n/a | 172.217.4.163:443 |
| 2022-01-12 12:51:03 | a9c07cf8e9106baf9a597a769aa07a94 | n/a | 172.217.168.36:443 |
| 2022-01-12 12:51:03 | a9c07cf8e9106baf9a597a769aa07a94 | n/a | 172.217.168.35:443 |
| 2022-01-12 08:40:55 | b591c0da775c2df0ed0cd5612c367ab1 | n/a | 216.58.215.227:443 |
| 2022-01-11 21:37:15 | b7726400c83e4f65c3a749c8bf05d61d | n/a | 142.250.181.228:443 |
| 2022-01-11 21:37:14 | b7726400c83e4f65c3a749c8bf05d61d | n/a | 142.250.186.131:443 |
| 2022-01-11 20:50:16 | f4d74fa642fbd55fa10941c0ba4e594f | n/a | 172.217.168.3:443 |
| 2022-01-11 20:07:09 | 315ed3d6ebaf66bd0728a71191a0f949 | n/a | 216.58.208.100:443 |
| 2022-01-11 20:07:08 | 315ed3d6ebaf66bd0728a71191a0f949 | n/a | 142.250.179.163:443 |
| 2022-01-11 09:07:17 | a31d071e702db60e327007e4f9680bad | n/a | 142.250.186.164:443 |
| 2022-01-11 09:07:16 | a31d071e702db60e327007e4f9680bad | n/a | 142.250.181.227:443 |
| 2022-01-11 09:07:16 | a31d071e702db60e327007e4f9680bad | n/a | 142.250.186.131:443 |
| 2022-01-11 07:05:01 | e9af941c5a2c51bac0912e5148043149 | n/a | 172.217.168.68:443 |
| 2022-01-11 07:05:01 | e9af941c5a2c51bac0912e5148043149 | n/a | 172.217.168.67:443 |
| 2022-01-11 06:29:53 | a3f805829eef7ae401e84a31d6286702 | n/a | 172.217.5.196:443 |
| 2022-01-11 06:29:53 | a3f805829eef7ae401e84a31d6286702 | n/a | 172.217.14.67:443 |
| 2022-01-11 06:19:11 | 08719e4d0e22fca2ba927a8f4f8287c2 | 25 / 68 (36.76%)
| 216.58.208.100:443 |
| 2022-01-11 06:19:11 | 08719e4d0e22fca2ba927a8f4f8287c2 | 25 / 68 (36.76%)
| 142.250.179.163:443 |
| 2022-01-10 15:51:42 | f3614c2a7c23c7fe97f23a48fc519624 | n/a | 216.58.215.228:443 |
| 2022-01-10 15:51:41 | f3614c2a7c23c7fe97f23a48fc519624 | n/a | 172.217.168.35:443 |
| 2022-01-10 10:27:15 | 8d220417c859bc1f25ab7773f271e57c | n/a | 172.217.168.35:443 |
| 2022-01-10 10:27:14 | 8d220417c859bc1f25ab7773f271e57c | n/a | 172.217.168.36:443 |
| 2022-01-10 08:55:13 | ea528eb0774cd6cbb49df9742736a469 | n/a | 216.58.215.228:443 |
| 2022-01-10 08:55:13 | ea528eb0774cd6cbb49df9742736a469 | n/a | 172.217.168.67:443 |
| 2022-01-10 08:09:59 | 5c9fc8ff990cc99c0250f81aa86444ec | n/a | 142.250.184.227:443 |
| 2022-01-10 08:09:58 | 5c9fc8ff990cc99c0250f81aa86444ec | n/a | 142.250.185.67:443 |
| 2022-01-10 08:09:58 | 5c9fc8ff990cc99c0250f81aa86444ec | n/a | 142.250.181.228:443 |
| 2022-01-09 17:38:36 | 0dec24689687365222a13067e53fd422 | n/a | 49.7.32.101:443 |
| 2022-01-09 17:38:36 | 0dec24689687365222a13067e53fd422 | n/a | 129.227.142.21:443 |
| 2022-01-09 17:38:35 | 0dec24689687365222a13067e53fd422 | n/a | 23.222.37.111:443 |
| 2022-01-09 17:38:35 | 0dec24689687365222a13067e53fd422 | n/a | 106.38.212.25:443 |
| 2022-01-09 17:38:34 | 0dec24689687365222a13067e53fd422 | n/a | 118.26.32.10:443 |
| 2022-01-09 17:38:34 | 0dec24689687365222a13067e53fd422 | n/a | 118.26.120.1:443 |
| 2022-01-09 17:38:34 | 0dec24689687365222a13067e53fd422 | n/a | 96.16.53.210:443 |
| 2022-01-09 07:57:09 | 3c987f1bf61a7c2c79bcdcdcddf0db2a | 20 / 66 (30.30%)
| 142.251.39.99:443 |
| 2022-01-09 07:57:09 | 3c987f1bf61a7c2c79bcdcdcddf0db2a | 20 / 66 (30.30%)
| 216.58.208.100:443 |
| 2022-01-09 07:27:42 | b78c1fd008164d31321a0948c3afc6b2 | 38 / 65 (58.46%)
| 172.217.168.67:443 |
| 2022-01-09 07:27:42 | b78c1fd008164d31321a0948c3afc6b2 | 38 / 65 (58.46%)
| 216.58.215.228:443 |
| 2022-01-09 07:27:42 | b78c1fd008164d31321a0948c3afc6b2 | 38 / 65 (58.46%)
| 142.250.203.100:443 |
| 2022-01-09 06:10:08 | a8a82181892904c5623086befebae535 | 39 / 68 (57.35%)
| 142.250.217.131:443 |
# of entries: 100 (max: 100)