JA3 Fingerprints
You can find further information about the JA3 fingerprint 25d74b7b4b779eb1efd4b31d26d651c6, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 25d74b7b4b779eb1efd4b31d26d651c6 |
|---|---|
| First seen: | 2019-08-03 20:15:33 UTC |
| Last seen: | 2020-07-14 21:43:25 UTC |
| Status: | Blacklisted |
| Malware samples: | 150 |
| Destination IPs: | 29 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:30:41 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-07-14 21:43:25 | 88241d305ae596b5a09fd7e3f08f9d63 |  37 / 73 (50.68%)
| 40.101.12.114:993 |
| 2020-07-14 21:43:25 | 88241d305ae596b5a09fd7e3f08f9d63 | 37 / 73 (50.68%)
| 40.101.12.114:993 |
| 2020-06-23 02:24:04 | 275cd8c75977523e4bcd3fc8d607963c | 30 / 74 (40.54%)
| 40.101.12.98:993 |
| 2020-06-23 02:24:04 | 275cd8c75977523e4bcd3fc8d607963c | 30 / 74 (40.54%)
| 40.101.12.98:993 |
| 2020-06-22 22:11:33 | 06708f79d965f20cb92de0d6aaef9342 | 48 / 74 (64.86%)
| 40.101.12.114:993 |
| 2020-06-22 22:11:33 | 06708f79d965f20cb92de0d6aaef9342 | 48 / 74 (64.86%)
| 40.101.12.114:993 |
| 2020-06-22 21:39:56 | 188f6742a5dad541a51a514e1683d776 | 45 / 71 (63.38%)
| 40.101.83.194:993 |
| 2020-06-22 21:39:56 | 188f6742a5dad541a51a514e1683d776 | 45 / 71 (63.38%)
| 40.101.83.194:993 |
| 2020-06-13 16:56:52 | aa6da725e7716737d3b244b2d5dea21b | 43 / 73 (58.90%)
| 40.101.50.194:993 |
| 2020-06-13 16:56:52 | aa6da725e7716737d3b244b2d5dea21b | 43 / 73 (58.90%)
| 40.101.50.194:993 |
| 2020-06-13 12:27:34 | a4f141dcda6675c024fc754b24569528 | 45 / 72 (62.50%)
| 40.101.50.162:993 |
| 2020-06-13 12:27:34 | a4f141dcda6675c024fc754b24569528 | 45 / 72 (62.50%)
| 40.101.50.162:993 |
| 2020-06-13 00:39:25 | 186349f1a9f660463ec011955fa9c0a9 | 42 / 74 (56.76%)
| 40.101.84.18:993 |
| 2020-06-13 00:39:25 | 186349f1a9f660463ec011955fa9c0a9 | 42 / 74 (56.76%)
| 40.101.84.18:993 |
| 2020-06-12 08:12:33 | 20883046444504b103a2c6afe9f76caf | 44 / 74 (59.46%)
| 40.101.126.114:993 |
| 2020-06-12 08:12:33 | 20883046444504b103a2c6afe9f76caf | 44 / 74 (59.46%)
| 40.101.126.114:993 |
| 2020-06-12 03:47:04 | 0064f96a2302bb30513cc57ab5ecacee | 48 / 73 (65.75%)
| 40.101.48.82:993 |
| 2020-06-12 03:47:04 | 0064f96a2302bb30513cc57ab5ecacee | 48 / 73 (65.75%)
| 40.101.48.82:993 |
| 2020-06-11 23:33:45 | 0d8b6e20cd1d695c1317fb661b9bccd4 | 47 / 73 (64.38%)
| 40.101.51.114:993 |
| 2020-06-11 23:33:45 | 0d8b6e20cd1d695c1317fb661b9bccd4 | 47 / 73 (64.38%)
| 40.101.51.114:993 |
| 2020-06-10 22:43:14 | 11765b77618928d6b03765664029a15d | 48 / 72 (66.67%)
| 40.101.12.98:993 |
| 2020-06-10 22:43:14 | 11765b77618928d6b03765664029a15d | 48 / 72 (66.67%)
| 40.101.121.18:993 |
| 2020-06-10 22:43:14 | 11765b77618928d6b03765664029a15d | 48 / 72 (66.67%)
| 40.101.12.98:993 |
| 2020-06-10 22:43:14 | 11765b77618928d6b03765664029a15d | 48 / 72 (66.67%)
| 40.101.121.18:993 |
| 2020-06-09 07:49:51 | 0af96a1cca4ee238909e7ccf4e9e24ef | 57 / 70 (81.43%)
| 40.101.80.178:993 |
| 2020-06-09 07:49:51 | 0af96a1cca4ee238909e7ccf4e9e24ef | 57 / 70 (81.43%)
| 40.101.80.178:993 |
| 2020-06-08 21:05:20 | 4ec0fa372bf85fccfbc3b8192786e853 | 37 / 72 (51.39%)
| 52.97.170.34:993 |
| 2020-06-08 21:05:20 | 4ec0fa372bf85fccfbc3b8192786e853 | 37 / 72 (51.39%)
| 52.97.170.34:993 |
| 2020-06-08 06:46:43 | 2263a1b9149491dc3a2fcfda9cb4e0cb | 37 / 72 (51.39%)
| 52.97.188.66:993 |
| 2020-06-08 06:46:43 | 2263a1b9149491dc3a2fcfda9cb4e0cb | 37 / 72 (51.39%)
| 52.97.188.66:993 |
| 2020-06-07 03:13:41 | 645d01bc4d8b0f936150771779901ab3 | 31 / 73 (42.47%)
| 40.101.126.194:993 |
| 2020-06-07 03:13:41 | 645d01bc4d8b0f936150771779901ab3 | 31 / 73 (42.47%)
| 40.101.126.194:993 |
| 2020-06-06 19:42:24 | 4b8723377216600d7b2f1866941e463a | 40 / 73 (54.79%)
| 40.101.51.130:993 |
| 2020-06-06 19:42:24 | 4b8723377216600d7b2f1866941e463a | 40 / 73 (54.79%)
| 40.101.51.130:993 |
| 2020-06-06 08:20:40 | 291500fd2bd96429e39d3aaee59f7a3f | 37 / 72 (51.39%)
| 40.101.51.114:993 |
| 2020-06-06 08:20:40 | 291500fd2bd96429e39d3aaee59f7a3f | 37 / 72 (51.39%)
| 40.101.51.114:993 |
| 2020-06-04 17:13:43 | 89977105987000082f42424f45a64457 | 45 / 71 (63.38%)
| 40.101.51.146:993 |
| 2020-06-04 17:13:43 | 89977105987000082f42424f45a64457 | 45 / 71 (63.38%)
| 40.101.51.146:993 |
| 2020-06-03 20:11:22 | 444189ff62dbf1b86beed92fdfdb5d90 | 41 / 73 (56.16%)
| 40.101.84.2:993 |
| 2020-06-03 20:11:22 | 444189ff62dbf1b86beed92fdfdb5d90 | 41 / 73 (56.16%)
| 40.101.84.2:993 |
| 2020-06-03 18:59:33 | 4076dfd3e8f7ce86e7c846928aa3661a | 21 / 73 (28.77%)
| 52.97.155.114:993 |
| 2020-06-03 18:59:33 | 4076dfd3e8f7ce86e7c846928aa3661a | 21 / 73 (28.77%)
| 52.97.155.114:993 |
| 2020-06-03 05:58:34 | 23a03cd4232c3a51e0cd109b67f18855 | 34 / 73 (46.58%)
| 40.101.50.194:993 |
| 2020-06-03 05:58:34 | 23a03cd4232c3a51e0cd109b67f18855 | 34 / 73 (46.58%)
| 40.101.50.194:993 |
| 2020-06-02 23:05:35 | 0c076ef11a5eab18ba13181bbdd4f52f | 38 / 73 (52.05%)
| 52.97.144.178:993 |
| 2020-06-02 23:05:35 | 0c076ef11a5eab18ba13181bbdd4f52f | 38 / 73 (52.05%)
| 52.97.144.178:993 |
| 2020-06-01 21:04:22 | 565a92e31f0939322a91e35be5c55961 | 32 / 73 (43.84%)
| 40.101.12.82:993 |
| 2020-06-01 21:04:22 | 565a92e31f0939322a91e35be5c55961 | 32 / 73 (43.84%)
| 40.101.12.82:993 |
| 2020-06-01 08:23:00 | 165ddff83c7394de9caa7e7199bb0030 | 56 / 73 (76.71%)
| 40.101.84.210:993 |
| 2020-06-01 08:23:00 | 165ddff83c7394de9caa7e7199bb0030 | 56 / 73 (76.71%)
| 40.101.84.210:993 |
| 2020-06-01 07:07:38 | 0ef677668df589aa19e622d623139069 | 46 / 72 (63.89%)
| 40.101.51.146:993 |
| 2020-06-01 07:07:38 | 0ef677668df589aa19e622d623139069 | 46 / 72 (63.89%)
| 40.101.51.146:993 |
| 2020-06-01 06:50:09 | 9004f899c8f2e342c9ef722ace6718a9 | 38 / 73 (52.05%)
| 40.101.19.162:993 |
| 2020-06-01 06:50:09 | 9004f899c8f2e342c9ef722ace6718a9 | 38 / 73 (52.05%)
| 40.101.19.162:993 |
| 2020-05-31 12:28:55 | 5ee07e9f53d82de0ba8eca75b4f12c11 | 40 / 73 (54.79%)
| 40.101.84.210:993 |
| 2020-05-31 12:28:55 | 5ee07e9f53d82de0ba8eca75b4f12c11 | 40 / 73 (54.79%)
| 40.101.84.210:993 |
| 2020-05-31 07:59:00 | 43f4ec91f341bc01a16884a3e891fc67 | 50 / 73 (68.49%)
| 40.101.121.2:993 |
| 2020-05-31 07:59:00 | 43f4ec91f341bc01a16884a3e891fc67 | 50 / 73 (68.49%)
| 40.101.121.2:993 |
| 2020-05-30 20:20:17 | 905e801af6d84772c2b961a0e1032840 | 46 / 72 (63.89%)
| 40.101.84.2:993 |
| 2020-05-30 20:20:17 | 905e801af6d84772c2b961a0e1032840 | 46 / 72 (63.89%)
| 40.101.84.2:993 |
| 2020-05-30 15:45:00 | 776e7db40bc3b50ae269d927c10e1f6d | 56 / 73 (76.71%)
| 40.101.126.130:993 |
| 2020-05-30 15:45:00 | 776e7db40bc3b50ae269d927c10e1f6d | 56 / 73 (76.71%)
| 40.101.126.130:993 |
| 2020-05-30 12:03:08 | 42171261efc6586d2fb11777f49ea3a3 | 56 / 72 (77.78%)
| 52.97.163.2:993 |
| 2020-05-30 12:03:08 | 42171261efc6586d2fb11777f49ea3a3 | 56 / 72 (77.78%)
| 52.97.163.2:993 |
| 2020-05-29 23:39:01 | 3c43139fe11d77d4578ce7a103c2b270 | 39 / 73 (53.42%)
| 40.101.30.242:993 |
| 2020-05-29 23:39:01 | 3c43139fe11d77d4578ce7a103c2b270 | 39 / 73 (53.42%)
| 40.101.30.242:993 |
| 2020-05-29 20:30:40 | 0442765c8308662fc48d5158b8f63410 | 41 / 72 (56.94%)
| 40.101.126.130:993 |
| 2020-05-29 20:30:40 | 0442765c8308662fc48d5158b8f63410 | 41 / 72 (56.94%)
| 40.101.126.130:993 |
| 2020-05-29 18:42:14 | 1818543d2a2006ae9b498cdec8d1417d | 52 / 73 (71.23%)
| 40.101.28.178:993 |
| 2020-05-29 18:42:14 | 1818543d2a2006ae9b498cdec8d1417d | 52 / 73 (71.23%)
| 40.101.28.178:993 |
| 2019-09-08 23:30:43 | e5a795371fddd895edff42606a3612f3 | 48/66 (72.73%)
| 217.69.139.90:993 |
| 2019-09-08 23:30:43 | e5a795371fddd895edff42606a3612f3 | 48/66 (72.73%)
| 217.69.139.90:993 |
| 2019-09-08 04:17:59 | 71ee7e217d09aa326fe03ac74326f60d | 33 / 68 (48.53%)
| 217.69.139.90:993 |
| 2019-09-08 04:17:59 | 71ee7e217d09aa326fe03ac74326f60d | 33 / 68 (48.53%)
| 217.69.139.90:993 |
| 2019-09-08 02:30:43 | 78174d7d966f4afd91cef7d6b847973c | 24 / 65 (36.92%)
| 94.100.180.90:993 |
| 2019-09-08 02:30:43 | 78174d7d966f4afd91cef7d6b847973c | 24 / 65 (36.92%)
| 94.100.180.90:993 |
| 2019-09-08 01:33:53 | 9edf624e82e937b1e1a89be17db46ea4 | 53/69 (76.81%)
| 217.69.139.90:993 |
| 2019-09-08 01:33:53 | 9edf624e82e937b1e1a89be17db46ea4 | 53/69 (76.81%)
| 217.69.139.90:993 |
| 2019-09-07 19:09:14 | 9f488f91ea3e6e1d033b61ad886e98e3 | 53/69 (76.81%)
| 94.100.180.90:993 |
| 2019-09-07 19:09:14 | 9f488f91ea3e6e1d033b61ad886e98e3 | 53/69 (76.81%)
| 94.100.180.90:993 |
| 2019-09-07 18:50:29 | bd054caf91b0b7bdca83f0d4ac29ce38 | 41/69 (59.42%)
| 94.100.180.90:993 |
| 2019-09-07 18:50:29 | bd054caf91b0b7bdca83f0d4ac29ce38 | 41/69 (59.42%)
| 94.100.180.90:993 |
| 2019-09-07 01:55:44 | d25b1fdd3c50acda31d8c4d6b51d7fe8 | n/a | 94.100.180.90:993 |
| 2019-09-07 01:55:44 | d25b1fdd3c50acda31d8c4d6b51d7fe8 | n/a | 94.100.180.90:993 |
| 2019-09-06 16:00:32 | 17d776a21be0501d2d86276aaa113780 | 53/71 (74.65%)
| 217.69.139.90:993 |
| 2019-09-06 16:00:32 | 17d776a21be0501d2d86276aaa113780 | 53/71 (74.65%)
| 217.69.139.90:993 |
| 2019-09-06 05:40:33 | b4aeb05f29bafcb4e9d969a9a6ad56d3 | 33 / 66 (50.00%)
| 94.100.180.90:993 |
| 2019-09-06 05:40:33 | b4aeb05f29bafcb4e9d969a9a6ad56d3 | 33 / 66 (50.00%)
| 94.100.180.90:993 |
| 2019-09-05 09:56:59 | db6098971c82933fbb382b7da4dcd304 | n/a | 94.100.180.90:993 |
| 2019-09-05 09:56:59 | db6098971c82933fbb382b7da4dcd304 | n/a | 94.100.180.90:993 |
| 2019-09-05 09:56:44 | 71edb62981757165054fa172127239a7 | 52/68 (76.47%)
| 94.100.180.90:993 |
| 2019-09-05 09:56:44 | 71edb62981757165054fa172127239a7 | 52/68 (76.47%)
| 94.100.180.90:993 |
| 2019-09-05 08:52:20 | 115a438807a9262e15b085b26bbea33f | n/a | 94.100.180.90:993 |
| 2019-09-05 08:52:20 | 115a438807a9262e15b085b26bbea33f | n/a | 94.100.180.90:993 |
| 2019-09-05 07:59:02 | fbc71040ebe5662a7be8a5e8dae81691 | 23 / 67 (34.33%)
| 94.100.180.90:993 |
| 2019-09-05 07:59:02 | fbc71040ebe5662a7be8a5e8dae81691 | 23 / 67 (34.33%)
| 94.100.180.90:993 |
| 2019-09-05 01:41:41 | 88ddb800f09364ef57ee2d2dab28ca14 | n/a | 217.69.139.90:993 |
| 2019-09-05 01:41:41 | 88ddb800f09364ef57ee2d2dab28ca14 | n/a | 217.69.139.90:993 |
| 2019-09-05 01:27:31 | 7584316e9d238e2e64102ba25b28f5e5 | 33/69 (47.83%)
| 94.100.180.90:993 |
| 2019-09-05 01:27:31 | 7584316e9d238e2e64102ba25b28f5e5 | 33/69 (47.83%)
| 94.100.180.90:993 |
# of entries: 100 (max: 100)