JA3 Fingerprints
You can find further information about the JA3 fingerprint 1fe4c7a3544eb27afec2adfb3a3dbf60, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 1fe4c7a3544eb27afec2adfb3a3dbf60 |
|---|---|
| First seen: | 2018-03-11 19:23:08 UTC |
| Last seen: | 2021-01-19 12:45:56 UTC |
| Status: | Blacklisted |
| Malware samples: | 4'900 |
| Destination IPs: | 572 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:18:54 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2021-01-19 12:45:56 | aa76500938179dd406604e054833f3ba |  36 / 71 (50.70%)
| 172.217.17.36:443 |
| 2021-01-19 12:45:56 | aa76500938179dd406604e054833f3ba | 36 / 71 (50.70%)
| 172.217.20.67:443 |
| 2021-01-19 12:27:05 | aa350e225481682f56ec0bbfa9279304 | 32 / 70 (45.71%)
| 172.217.17.99:443 |
| 2021-01-19 12:27:05 | aa350e225481682f56ec0bbfa9279304 | 32 / 70 (45.71%)
| 172.217.17.100:443 |
| 2021-01-19 12:27:05 | aa350e225481682f56ec0bbfa9279304 | 32 / 70 (45.71%)
| 172.217.17.68:443 |
| 2021-01-19 12:27:05 | aa350e225481682f56ec0bbfa9279304 | 32 / 70 (45.71%)
| 172.217.168.195:443 |
| 2021-01-19 10:47:46 | a9170f53c0a62b7a00eab06887372930 | 54 / 71 (76.06%)
| 172.217.17.100:443 |
| 2021-01-19 10:47:46 | a9170f53c0a62b7a00eab06887372930 | 54 / 71 (76.06%)
| 172.217.168.195:443 |
| 2021-01-19 07:07:24 | a5baf0340804cbe82f742ad1ad5b0154 | 51 / 70 (72.86%)
| 172.217.17.99:443 |
| 2021-01-19 07:07:24 | a5baf0340804cbe82f742ad1ad5b0154 | 51 / 70 (72.86%)
| 172.217.20.68:443 |
| 2021-01-19 05:14:49 | a44fc3bdcacf1141c95e3e3b41358940 | 49 / 69 (71.01%)
| 216.58.208.99:443 |
| 2021-01-19 05:14:48 | a44fc3bdcacf1141c95e3e3b41358940 | 49 / 69 (71.01%)
| 172.217.17.36:443 |
| 2021-01-18 07:46:57 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 193.246.48.163:443 |
| 2021-01-18 07:46:57 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 104.66.162.208:443 |
| 2021-01-18 07:46:57 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 116.211.201.189:443 |
| 2021-01-18 07:46:57 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 118.26.32.10:443 |
| 2021-01-18 07:46:56 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 49.7.32.242:443 |
| 2021-01-18 07:46:56 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 49.7.32.101:443 |
| 2021-01-18 07:46:56 | a7c0edb719ab638f7b8c6375312fc04c | 42 / 71 (59.15%)
| 118.26.32.16:443 |
| 2021-01-17 11:13:31 | ba45c3e683d501e3eb7fd71b97f958a9 | 47 / 69 (68.12%)
| 172.217.168.68:443 |
| 2021-01-17 11:13:31 | ba45c3e683d501e3eb7fd71b97f958a9 | 47 / 69 (68.12%)
| 172.217.168.67:443 |
| 2021-01-17 08:44:49 | b795b8c74bc6b137e6996224f673a4f8 | 54 / 70 (77.14%)
| 172.217.168.195:443 |
| 2021-01-17 08:01:47 | b6c8cbb926e01fd508b631626225415b | 34 / 71 (47.89%)
| 172.217.168.3:443 |
| 2021-01-17 08:01:47 | b6c8cbb926e01fd508b631626225415b | 34 / 71 (47.89%)
| 172.217.168.36:443 |
| 2021-01-17 07:09:26 | b6729af82c5941137f389447af944903 | 53 / 71 (74.65%)
| 172.217.17.35:443 |
| 2021-01-17 07:09:25 | b6729af82c5941137f389447af944903 | 53 / 71 (74.65%)
| 172.217.17.100:443 |
| 2021-01-16 18:31:22 | b1721a6d58756cbe5af6706904865376 | 35 / 69 (50.72%)
| 172.217.17.36:443 |
| 2021-01-16 18:31:22 | b1721a6d58756cbe5af6706904865376 | 35 / 69 (50.72%)
| 172.217.168.196:443 |
| 2021-01-16 18:31:22 | b1721a6d58756cbe5af6706904865376 | 35 / 69 (50.72%)
| 172.217.20.99:443 |
| 2021-01-16 09:36:42 | a99016222cfa29812d0896cac6a64453 | 32 / 69 (46.38%)
| 172.217.168.68:443 |
| 2021-01-16 09:36:41 | a99016222cfa29812d0896cac6a64453 | 32 / 69 (46.38%)
| 172.217.168.3:443 |
| 2021-01-16 09:13:13 | a8fc4b5508ef9e365b9145317dec9189 | 52 / 69 (75.36%)
| 216.58.215.227:443 |
| 2021-01-16 09:13:12 | a8fc4b5508ef9e365b9145317dec9189 | 52 / 69 (75.36%)
| 172.217.168.68:443 |
| 2021-01-16 06:43:30 | a76e4a0525f6f08bbe7e8610cec28c6d | n/a | 172.217.20.99:443 |
| 2021-01-15 15:43:30 | b233d828acf20be3bfe14b0800503f61 | 21 / 70 (30.00%)
| 172.217.17.131:443 |
| 2021-01-15 15:43:30 | b233d828acf20be3bfe14b0800503f61 | 21 / 70 (30.00%)
| 172.217.17.36:443 |
| 2021-01-14 19:07:43 | 21264a07047de84fad7efe7fc5b6cd62 | 37 / 70 (52.86%)
| 172.217.168.67:443 |
| 2021-01-14 19:07:42 | 21264a07047de84fad7efe7fc5b6cd62 | 37 / 70 (52.86%)
| 172.217.168.68:443 |
| 2021-01-14 19:07:42 | 21264a07047de84fad7efe7fc5b6cd62 | 37 / 70 (52.86%)
| 172.217.168.35:443 |
| 2021-01-14 18:42:44 | 1786d852893c7dadfd3a3939a6e2015e | 40 / 70 (57.14%)
| 74.125.195.94:443 |
| 2021-01-14 18:42:44 | 1786d852893c7dadfd3a3939a6e2015e | 40 / 70 (57.14%)
| 74.125.20.103:443 |
| 2021-01-14 16:22:17 | df6ca287b5997e64ac9eb559b2e2d0ca | n/a | 216.58.208.99:443 |
| 2021-01-14 16:22:17 | df6ca287b5997e64ac9eb559b2e2d0ca | n/a | 172.217.168.196:443 |
| 2021-01-14 15:48:33 | dcf82f068a3d5dce6d48a1eef2eafd53 | n/a | 172.217.168.35:443 |
| 2021-01-14 15:48:32 | dcf82f068a3d5dce6d48a1eef2eafd53 | n/a | 172.217.168.67:443 |
| 2021-01-14 15:48:32 | dcf82f068a3d5dce6d48a1eef2eafd53 | n/a | 172.217.168.4:443 |
| 2021-01-14 15:15:09 | dac9e580f9ff641dc1af323d98618153 | 40 / 70 (57.14%)
| 172.217.168.4:443 |
| 2021-01-14 15:15:08 | dac9e580f9ff641dc1af323d98618153 | 40 / 70 (57.14%)
| 216.58.215.227:443 |
| 2021-01-14 14:47:22 | d8f2352f0aa9cbf833079514cb642c0e | n/a | 172.217.168.67:443 |
| 2021-01-14 14:47:22 | d8f2352f0aa9cbf833079514cb642c0e | n/a | 172.217.168.68:443 |
| 2021-01-14 12:32:13 | d0886454a1a812bd1ffa40c2e7988ca4 | 43 / 67 (64.18%)
| 172.217.168.67:443 |
| 2021-01-14 12:03:45 | ce645d9be5f81a54f281058e0d31e55a | n/a | 172.217.168.35:443 |
| 2021-01-14 12:03:45 | ce645d9be5f81a54f281058e0d31e55a | n/a | 172.217.168.4:443 |
| 2021-01-14 11:48:19 | cd37560b13db65f227611fe491116a8d | 53 / 71 (74.65%)
| 172.217.20.68:443 |
| 2021-01-14 11:48:19 | cd37560b13db65f227611fe491116a8d | 53 / 71 (74.65%)
| 172.217.17.67:443 |
| 2021-01-14 10:19:31 | c79e66e12b737c5113c75f765e00b3aa | n/a | 172.217.168.68:443 |
| 2021-01-14 10:19:31 | c79e66e12b737c5113c75f765e00b3aa | n/a | 172.217.168.35:443 |
| 2021-01-14 09:20:38 | c3e574e9979f22f19bdd9a6171459358 | n/a | 172.217.168.67:443 |
| 2021-01-14 09:20:38 | c3e574e9979f22f19bdd9a6171459358 | n/a | 216.58.215.228:443 |
| 2021-01-14 08:13:00 | bff59dfab5832835d40a68a9b6b2f369 | 46 / 69 (66.67%)
| 172.217.168.3:443 |
| 2021-01-14 08:13:00 | bff59dfab5832835d40a68a9b6b2f369 | 46 / 69 (66.67%)
| 172.217.168.4:443 |
| 2021-01-14 04:54:33 | b83f0c24bff4328a0ea78e99ead235b2 | 48 / 71 (67.61%)
| 172.217.168.35:443 |
| 2021-01-14 04:54:32 | b83f0c24bff4328a0ea78e99ead235b2 | 48 / 71 (67.61%)
| 216.58.215.227:443 |
| 2021-01-14 04:54:32 | b83f0c24bff4328a0ea78e99ead235b2 | 48 / 71 (67.61%)
| 216.58.215.228:443 |
| 2021-01-14 04:54:32 | b83f0c24bff4328a0ea78e99ead235b2 | 48 / 71 (67.61%)
| 172.217.168.36:443 |
| 2021-01-13 12:12:13 | b4a060249a259f1c0514f3c768a7dac1 | 34 / 71 (47.89%)
| 172.217.168.3:443 |
| 2021-01-13 12:07:40 | b497cf09617513405a18bee83b467f11 | 53 / 71 (74.65%)
| 216.58.208.99:443 |
| 2021-01-13 12:07:40 | b497cf09617513405a18bee83b467f11 | 53 / 71 (74.65%)
| 172.217.17.68:443 |
| 2021-01-13 12:07:40 | b497cf09617513405a18bee83b467f11 | 53 / 71 (74.65%)
| 216.58.211.99:443 |
| 2021-01-13 12:07:40 | b497cf09617513405a18bee83b467f11 | 53 / 71 (74.65%)
| 172.217.20.68:443 |
| 2021-01-13 07:38:30 | b39b177060cf7cf39a57a0827928edf3 | n/a | 216.58.215.227:443 |
| 2021-01-13 07:38:30 | b39b177060cf7cf39a57a0827928edf3 | n/a | 172.217.168.68:443 |
| 2021-01-12 08:06:04 | a6ca23f38e852d7762c4acf09a822937 | 58 / 71 (81.69%)
| 172.217.168.67:443 |
| 2021-01-12 08:06:04 | a6ca23f38e852d7762c4acf09a822937 | 58 / 71 (81.69%)
| 216.58.215.228:443 |
| 2021-01-11 12:31:09 | ac911f6bb65448f0ead2836dde7f392a | 43 / 70 (61.43%)
| 172.217.168.35:443 |
| 2021-01-11 12:31:09 | ac911f6bb65448f0ead2836dde7f392a | 43 / 70 (61.43%)
| 172.217.168.3:443 |
| 2021-01-11 12:31:09 | ac911f6bb65448f0ead2836dde7f392a | 43 / 70 (61.43%)
| 172.217.168.4:443 |
| 2021-01-11 07:54:17 | a82599d96ba16cab77a909c2a39f944d | 39 / 70 (55.71%)
| 172.217.168.4:443 |
| 2021-01-11 07:54:16 | a82599d96ba16cab77a909c2a39f944d | 39 / 70 (55.71%)
| 172.217.168.68:443 |
| 2021-01-11 07:54:16 | a82599d96ba16cab77a909c2a39f944d | 39 / 70 (55.71%)
| 216.58.215.227:443 |
| 2021-01-10 17:18:31 | b347ff49436b46331e9dcb9d9856a0f9 | 35 / 70 (50.00%)
| 172.217.168.35:443 |
| 2021-01-10 17:18:30 | b347ff49436b46331e9dcb9d9856a0f9 | 35 / 70 (50.00%)
| 172.217.168.36:443 |
| 2021-01-10 14:54:49 | b129aedd89fd12dce532bb5efdd7d987 | 29 / 70 (41.43%)
| 216.58.215.227:443 |
| 2021-01-10 14:54:49 | b129aedd89fd12dce532bb5efdd7d987 | 29 / 70 (41.43%)
| 172.217.168.68:443 |
| 2021-01-10 14:54:49 | b129aedd89fd12dce532bb5efdd7d987 | 29 / 70 (41.43%)
| 172.217.168.3:443 |
| 2021-01-10 11:22:45 | ade20bf44a404af80e57ed3074ae139c | 26 / 69 (37.68%)
| 172.217.17.35:443 |
| 2021-01-10 11:22:45 | ade20bf44a404af80e57ed3074ae139c | 26 / 69 (37.68%)
| 172.217.17.68:443 |
| 2021-01-10 10:04:05 | acb6ba38cdd3ad0ef8b39ac3fcc8d85d | 50 / 71 (70.42%)
| 172.217.168.196:443 |
| 2021-01-10 10:04:05 | acb6ba38cdd3ad0ef8b39ac3fcc8d85d | 50 / 71 (70.42%)
| 172.217.168.195:443 |
| 2021-01-10 07:15:42 | a9a0eff8b61e15d906801177c19eb5b3 | 51 / 68 (75.00%)
| 172.217.168.35:443 |
| 2021-01-10 07:15:41 | a9a0eff8b61e15d906801177c19eb5b3 | 51 / 68 (75.00%)
| 172.217.168.67:443 |
| 2021-01-10 07:15:41 | a9a0eff8b61e15d906801177c19eb5b3 | 51 / 68 (75.00%)
| 172.217.168.36:443 |
| 2021-01-10 06:58:38 | a92086f5e5a15270ffd924daa028897f | 50 / 70 (71.43%)
| 172.217.17.36:443 |
| 2021-01-10 06:58:37 | a92086f5e5a15270ffd924daa028897f | 50 / 70 (71.43%)
| 172.217.168.227:443 |
| 2021-01-09 19:12:10 | 34db1c32f79588aad8f2e327969f7d89 | 46 / 70 (65.71%)
| 216.58.208.99:443 |
| 2021-01-09 19:12:09 | 34db1c32f79588aad8f2e327969f7d89 | 46 / 70 (65.71%)
| 172.217.168.196:443 |
| 2021-01-09 19:05:00 | 0eac38bf1f74d2eb3cab2786bae0e6c5 | 21 / 68 (30.88%)
| 172.217.168.3:443 |
| 2021-01-09 19:05:00 | 0eac38bf1f74d2eb3cab2786bae0e6c5 | 21 / 68 (30.88%)
| 172.217.168.68:443 |
| 2021-01-09 19:03:01 | 0b1f3148a1d4f465a3a0d19cfb5098b7 | n/a | 216.58.215.228:443 |
| 2021-01-09 19:03:01 | 0b1f3148a1d4f465a3a0d19cfb5098b7 | n/a | 216.58.215.227:443 |
# of entries: 100 (max: 100)