JA3 Fingerprints
You can find further information about the JA3 fingerprint 1fe4c7a3544eb27afec2adfb3a3dbf60, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 1fe4c7a3544eb27afec2adfb3a3dbf60 |
|---|---|
| First seen: | 2018-03-11 19:23:08 UTC |
| Last seen: | 2020-10-22 11:59:14 UTC |
| Status: | Blacklisted |
| Malware samples: | 4'241 |
| Destination IPs: | 501 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:18:54 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-10-22 11:59:14 | cfcd4edd2a5c3212a649c90e8c28108f |  38 / 69 (55.07%)
| 172.217.17.68:443 |
| 2020-10-22 11:59:14 | cfcd4edd2a5c3212a649c90e8c28108f | 38 / 69 (55.07%)
| 157.245.5.40:443 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 157.245.5.40:443 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 172.67.75.172:443 |
| 2020-10-22 06:33:49 | 598fc4f593d7ddd03ade0990a2f24bbc | n/a | 104.31.66.68:443 |
| 2020-10-22 06:33:48 | 598fc4f593d7ddd03ade0990a2f24bbc | n/a | 104.26.12.31:443 |
| 2020-10-22 05:19:13 | 2bd0ba68b23bf5a091b4b7f160984451 | 54 / 70 (77.14%)
| 104.26.13.31:443 |
| 2020-10-22 05:19:13 | 2bd0ba68b23bf5a091b4b7f160984451 | 54 / 70 (77.14%)
| 176.58.123.25:443 |
| 2020-10-22 04:32:08 | 275634f5633b71fcebd0a193ad8041f1 | 54 / 69 (78.26%)
| 172.217.168.68:443 |
| 2020-10-22 04:32:08 | 275634f5633b71fcebd0a193ad8041f1 | 54 / 69 (78.26%)
| 172.217.168.35:443 |
| 2020-10-22 04:01:53 | 1ea097dac06a568e8b73d5931df71205 | 55 / 71 (77.46%)
| 172.67.208.45:443 |
| 2020-10-22 04:01:52 | 1ea097dac06a568e8b73d5931df71205 | 55 / 71 (77.46%)
| 176.58.123.25:443 |
| 2020-10-21 12:40:07 | e767f4a18f1fd62795b7657c5af25b94 | 45 / 69 (65.22%)
| 104.31.66.68:443 |
| 2020-10-21 12:40:07 | e767f4a18f1fd62795b7657c5af25b94 | 45 / 69 (65.22%)
| 157.245.5.40:443 |
| 2020-10-21 10:38:37 | cf1f24fb8868b9a2aefa040f6372110a | n/a | 176.58.123.25:443 |
| 2020-10-21 10:38:37 | cf1f24fb8868b9a2aefa040f6372110a | n/a | 172.67.208.45:443 |
| 2020-10-21 09:31:05 | c097eed90735b7806977e132c71e55ba | 52 / 69 (75.36%)
| 157.245.5.40:443 |
| 2020-10-21 08:13:41 | a8166b3a0ad5785d55e2f4551d1a8776 | 50 / 70 (71.43%)
| 172.217.168.35:443 |
| 2020-10-21 07:24:19 | 9681f5d9f3b8cb3f1e41685314dc4f26 | 40 / 70 (57.14%)
| 77.88.55.77:443 |
| 2020-10-21 07:24:17 | 9681f5d9f3b8cb3f1e41685314dc4f26 | 40 / 70 (57.14%)
| 104.26.13.31:443 |
| 2020-10-21 07:24:17 | 9681f5d9f3b8cb3f1e41685314dc4f26 | 40 / 70 (57.14%)
| 176.58.123.25:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 176.58.123.25:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 104.31.67.68:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 74.114.154.22:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 23.128.64.141:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 185.60.216.15:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 185.60.216.35:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 157.245.5.40:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 104.26.12.31:443 |
| 2020-10-21 07:23:42 | 969e4cb1d56a1fb5ab17bd63f5047047 | n/a | 172.67.208.45:443 |
| 2020-10-21 05:00:06 | 5959fb4fdac381625895c71b6aa82354 | 52 / 71 (73.24%)
| 176.58.123.25:443 |
| 2020-10-21 05:00:05 | 5959fb4fdac381625895c71b6aa82354 | 52 / 71 (73.24%)
| 104.26.13.31:443 |
| 2020-10-20 20:27:04 | 296c19e924a55e9c543704a54b83bb83 | n/a | 104.31.67.68:443 |
| 2020-10-20 20:27:03 | 296c19e924a55e9c543704a54b83bb83 | n/a | 176.58.123.25:443 |
| 2020-10-20 20:20:31 | 246811115e42c1e330c6b2cc779f1314 | 41 / 71 (57.75%)
| 5.255.255.5:443 |
| 2020-10-20 20:20:31 | 246811115e42c1e330c6b2cc779f1314 | 41 / 71 (57.75%)
| 172.67.208.45:443 |
| 2020-10-20 14:25:22 | e160e61b193e939864ba8fbf2bc91d5a | 50 / 70 (71.43%)
| 104.31.67.68:443 |
| 2020-10-20 14:25:21 | e160e61b193e939864ba8fbf2bc91d5a | 50 / 70 (71.43%)
| 157.245.5.40:443 |
| 2020-10-20 14:11:32 | e056563e4328ae342d240e1bade2e705 | 43 / 71 (60.56%)
| 157.245.5.40:443 |
| 2020-10-20 14:11:32 | e056563e4328ae342d240e1bade2e705 | 43 / 71 (60.56%)
| 216.58.208.99:443 |
| 2020-10-20 14:11:32 | e056563e4328ae342d240e1bade2e705 | 43 / 71 (60.56%)
| 176.58.123.25:443 |
| 2020-10-20 14:11:32 | e056563e4328ae342d240e1bade2e705 | 43 / 71 (60.56%)
| 172.67.75.172:443 |
| 2020-10-20 14:04:32 | dfe9144313ccdba0978dd8b9da10d171 | 50 / 68 (73.53%)
| 157.245.5.40:443 |
| 2020-10-20 13:26:29 | dd9532bcca7259fe01c5bcd0d5dc6b1e | 49 / 71 (69.01%)
| 157.245.5.40:443 |
| 2020-10-20 13:26:29 | dd9532bcca7259fe01c5bcd0d5dc6b1e | 49 / 71 (69.01%)
| 104.26.12.31:443 |
| 2020-10-20 12:07:07 | d83b97357d25de17ce7753c358a6ad84 | 50 / 69 (72.46%)
| 157.245.5.40:443 |
| 2020-10-20 12:07:06 | d83b97357d25de17ce7753c358a6ad84 | 50 / 69 (72.46%)
| 172.67.208.45:443 |
| 2020-10-20 12:07:06 | d83b97357d25de17ce7753c358a6ad84 | 50 / 69 (72.46%)
| 176.58.123.25:443 |
| 2020-10-20 11:03:18 | d496c0949a59bef061150344c6add16e | 51 / 71 (71.83%)
| 104.31.66.68:443 |
| 2020-10-20 11:03:18 | d496c0949a59bef061150344c6add16e | 51 / 71 (71.83%)
| 104.26.12.31:443 |
| 2020-10-20 09:31:47 | cf58effcb1d31dfa9e075ccebc18b889 | 41 / 68 (60.29%)
| 172.67.208.45:443 |
| 2020-10-20 09:31:47 | cf58effcb1d31dfa9e075ccebc18b889 | 41 / 68 (60.29%)
| 104.26.13.31:443 |
| 2020-10-20 09:10:09 | ce0de0babca04f0dbcfce46cebe9a7b2 | 33 / 70 (47.14%)
| 118.26.32.16:443 |
| 2020-10-20 07:09:41 | c7d37c920a084c0042b807fd8c961e28 | n/a | 176.58.123.25:443 |
| 2020-10-20 07:09:40 | c7d37c920a084c0042b807fd8c961e28 | n/a | 157.245.5.40:443 |
| 2020-10-20 06:03:36 | c485754142ae62141f9bb8d1cbca29b5 | 48 / 70 (68.57%)
| 77.88.55.50:443 |
| 2020-10-20 06:03:36 | c485754142ae62141f9bb8d1cbca29b5 | 48 / 70 (68.57%)
| 176.58.123.25:443 |
| 2020-10-20 06:01:37 | c473a7bbc0c5b22f6c55a4dd49cd55c1 | 52 / 71 (73.24%)
| 176.58.123.25:443 |
| 2020-10-20 06:01:36 | c473a7bbc0c5b22f6c55a4dd49cd55c1 | 52 / 71 (73.24%)
| 5.255.255.50:443 |
| 2020-10-20 06:01:36 | c473a7bbc0c5b22f6c55a4dd49cd55c1 | 52 / 71 (73.24%)
| 157.245.5.40:443 |
| 2020-10-20 04:34:03 | bd0c59b5116ce386267500f9b06c028c | 53 / 70 (75.71%)
| 104.31.66.68:443 |
| 2020-10-20 02:31:07 | 90b863a4df8384b303aecf33d1550a53 | 49 / 71 (69.01%)
| 157.245.5.40:443 |
| 2020-10-20 02:31:06 | 90b863a4df8384b303aecf33d1550a53 | 49 / 71 (69.01%)
| 104.26.12.31:443 |
| 2020-10-20 01:10:07 | 6de9f7d281407ea5506c5220d9869a6c | 48 / 68 (70.59%)
| 77.88.55.80:443 |
| 2020-10-20 01:10:06 | 6de9f7d281407ea5506c5220d9869a6c | 48 / 68 (70.59%)
| 176.58.123.25:443 |
| 2020-10-20 00:09:57 | 5e8cdcd0c462df5d08c29a92452e3df8 | 50 / 70 (71.43%)
| 176.58.123.25:443 |
| 2020-10-20 00:09:57 | 5e8cdcd0c462df5d08c29a92452e3df8 | 50 / 70 (71.43%)
| 157.245.5.40:443 |
| 2020-10-20 00:09:57 | 5e8cdcd0c462df5d08c29a92452e3df8 | 50 / 70 (71.43%)
| 104.26.12.31:443 |
| 2020-10-19 21:55:16 | 3ddc7e243aa3c841a6ad02b9a7cd8249 | 56 / 69 (81.16%)
| 104.31.67.68:443 |
| 2020-10-19 14:21:25 | beba8fbcc297d2abdcb58fc1af743d77 | n/a | 104.26.13.31:443 |
| 2020-10-19 14:21:25 | beba8fbcc297d2abdcb58fc1af743d77 | n/a | 172.67.75.172:443 |
| 2020-10-19 09:58:41 | bb7325a7a8d0e4f6fea479a7e3543477 | 55 / 70 (78.57%)
| 74.125.142.94:443 |
| 2020-10-19 09:58:40 | bb7325a7a8d0e4f6fea479a7e3543477 | 55 / 70 (78.57%)
| 74.125.142.99:443 |
| 2020-10-19 09:58:40 | bb7325a7a8d0e4f6fea479a7e3543477 | 55 / 70 (78.57%)
| 172.67.208.45:443 |
| 2020-10-19 09:58:40 | bb7325a7a8d0e4f6fea479a7e3543477 | 55 / 70 (78.57%)
| 104.26.12.31:443 |
| 2020-10-19 08:12:28 | ba3ca049b719b1d511793086024baf37 | 50 / 71 (70.42%)
| 104.26.12.31:443 |
| 2020-10-19 07:08:04 | b961a1b4d8090f242ebd68718177178b | n/a | 157.245.5.40:443 |
| 2020-10-19 07:08:02 | b961a1b4d8090f242ebd68718177178b | n/a | 104.31.67.68:443 |
| 2020-10-19 07:07:57 | b961a1b4d8090f242ebd68718177178b | n/a | 5.255.255.88:443 |
| 2020-10-19 07:07:54 | b961a1b4d8090f242ebd68718177178b | n/a | 176.58.123.25:443 |
| 2020-10-19 06:06:10 | b3e198da47be8e4b43a262e7187363af | n/a | 172.67.75.172:443 |
| 2020-10-19 06:01:05 | b87243fa35a6cf4c6a860d5ca3cc707d | 17 / 69 (24.64%)
| 172.67.208.45:443 |
| 2020-10-19 06:01:04 | b87243fa35a6cf4c6a860d5ca3cc707d | 17 / 69 (24.64%)
| 5.255.255.80:443 |
| 2020-10-19 05:14:35 | b87380c890d342ca96352ec687135108 | 52 / 70 (74.29%)
| 104.26.12.31:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 157.240.194.18:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 104.31.67.68:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 31.13.72.36:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 31.13.72.8:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 176.58.123.25:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 157.245.5.40:443 |
| 2020-10-19 04:20:47 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 185.60.216.15:443 |
| 2020-10-19 04:20:46 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 74.114.154.18:443 |
| 2020-10-19 04:20:46 | b7c3fe22db172c42d3acda21f0c3db65 | 47 / 69 (68.12%)
| 172.67.75.172:443 |
| 2020-10-18 23:14:10 | b3c66b16cc86b3eb742618fdee907801 | 54 / 70 (77.14%)
| 157.240.194.18:443 |
| 2020-10-18 23:14:10 | b3c66b16cc86b3eb742618fdee907801 | 54 / 70 (77.14%)
| 157.245.5.40:443 |
| 2020-10-18 21:07:45 | ad8adf57cc6e40a4dcf24455037abd94 | n/a | 172.67.75.172:443 |
| 2020-10-18 21:07:43 | ad8adf57cc6e40a4dcf24455037abd94 | n/a | 176.58.123.25:443 |
| 2020-10-18 21:02:05 | b1400d2e3972b911f974405b247f24e6 | n/a | 104.26.12.31:443 |
| 2020-10-18 21:02:04 | b1400d2e3972b911f974405b247f24e6 | n/a | 104.31.66.68:443 |
| 2020-10-18 21:02:04 | b1400d2e3972b911f974405b247f24e6 | n/a | 31.13.72.8:443 |
# of entries: 100 (max: 100)