JA3 Fingerprints
You can find further information about the JA3 fingerprint 35c0a31c481927f022a3b530255ac080, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 35c0a31c481927f022a3b530255ac080 |
|---|---|
| First seen: | 2017-07-15 19:43:19 UTC |
| Last seen: | 2019-01-14 08:07:30 UTC |
| Status: | Blacklisted |
| Malware samples: | 82 |
| Destination IPs: | 65 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:41:34 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2019-01-14 08:07:30 | da5f571b5f4ed4044166bdb9f0371e5a |  38/70 (54.29%)
| 184.87.195.79:443 |
| 2019-01-14 08:07:30 | da5f571b5f4ed4044166bdb9f0371e5a | 38/70 (54.29%)
| 184.87.195.66:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 95.100.171.186:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 95.100.171.225:443 |
| 2018-12-13 20:12:45 | 4b2405676f726333a5ad5754ae3af6b4 | 36/68 (52.94%)
| 104.18.85.12:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 104.18.83.12:443 |
| 2018-11-29 20:46:03 | 020b08c9f4ece0ca858b702b57b5b6ee | 37/69 (53.62%)
| 104.18.82.12:443 |
| 2018-11-22 16:18:13 | a3f0d4f18f1b20f8931f07a2658edcf7 | 34/67 (50.75%)
| 104.18.85.12:443 |
| 2018-10-01 10:24:10 | 6fd77281abc776500f10c1aa7a4db120 | 22/68 (32.35%)
| 104.126.162.165:443 |
| 2018-09-23 22:32:03 | c5b3ca71d7f1f05c00f48741c3950247 | 33/69 (47.83%)
| 104.126.162.165:443 |
| 2018-09-18 00:29:13 | 354d64aadc25bb7899922a5dfee32643 | 36/68 (52.94%)
| 104.81.217.60:443 |
| 2018-09-13 06:24:17 | 5aef4e95115f74134e72e0e33bdd11b8 | 37/68 (54.41%)
| 104.81.217.60:443 |
| 2018-07-13 17:24:08 | 39df29c6f5788240b7bbbf3aeddfb2ba | 41/67 (61.19%)
| 23.75.198.182:443 |
| 2018-07-13 17:24:08 | 39df29c6f5788240b7bbbf3aeddfb2ba | 41/67 (61.19%)
| 184.84.194.220:443 |
| 2018-07-12 15:21:03 | 0a459f71e64db4a58e898d7fac57bb46 | 17/68 (25.00%)
| 2.19.77.81:443 |
| 2018-07-12 15:21:03 | 0a459f71e64db4a58e898d7fac57bb46 | 17/68 (25.00%)
| 23.201.250.90:443 |
| 2018-07-12 15:21:03 | 0a459f71e64db4a58e898d7fac57bb46 | 17/68 (25.00%)
| 2.19.70.124:443 |
| 2018-06-18 00:04:32 | 79784c42b787f2f083739b157d7f2927 | n/a | 23.66.25.48:443 |
| 2018-06-14 20:28:19 | ff55138370ab39a2893d632317513e7c | n/a | 23.66.22.253:443 |
| 2018-06-14 18:37:33 | 64457812436f055c93b3c1486c4e1ab7 | 14/68 (20.59%)
| 23.50.98.203:443 |
| 2018-06-13 00:36:09 | 78a8905672e1ce08e0bde783701837c7 | 20/66 (30.30%)
| 23.75.179.183:443 |
| 2018-06-10 08:23:28 | 3f53653543f2f2be8031cea14df547e3 | 44/69 (63.77%)
| 65.154.255.223:443 |
| 2018-06-10 02:17:11 | 6bbffde3e99b9e45679e9f304997fde4 | 36/66 (54.55%)
| 23.52.60.89:443 |
| 2018-06-10 02:17:11 | 6bbffde3e99b9e45679e9f304997fde4 | 36/66 (54.55%)
| 24.234.21.223:443 |
| 2018-06-08 12:07:59 | d7713dc96e7be35a47926bd611167265 | 35/68 (51.47%)
| 65.154.255.223:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 151.101.121.160:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 151.101.121.200:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 23.51.121.149:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 104.101.177.126:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 24.234.21.223:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 65.154.255.223:443 |
| 2018-06-06 22:01:27 | 0281c52dbe4bec5a0ddcc373237c4277 | 25/68 (36.76%)
| 23.77.209.75:443 |
| 2018-06-06 14:15:53 | 30ce5d51293985a41a8c16fac998160e | 38/68 (55.88%)
| 65.154.255.223:443 |
| 2018-06-03 09:46:18 | d6651dfa3f02270bc93cc3c1f6918d17 | 18/66 (27.27%)
| 23.77.209.75:443 |
| 2018-06-02 13:57:06 | 3f40fe20a15408923dbe1f0e1786b76b | 22/66 (33.33%)
| 23.13.241.203:443 |
| 2018-05-30 02:33:12 | 35d92ac538e72c5ef8b49e3c79b86694 | 22/66 (33.33%)
| 95.101.124.224:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 156.44.144.40:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 151.101.13.160:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 151.101.13.200:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 65.154.255.223:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 74.122.190.83:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 74.122.189.133:443 |
| 2018-05-13 01:59:49 | 7f8707d34197a300a1b98564edf545dc | 35/66 (53.03%)
| 151.101.1.160:443 |
| 2018-05-13 01:59:49 | 7f8707d34197a300a1b98564edf545dc | 35/66 (53.03%)
| 151.101.1.200:443 |
| 2018-04-18 06:24:37 | b931b8e286951c868b4565e02e144be2 | 25/67 (37.31%)
| 50.19.238.41:443 |
| 2018-04-18 06:24:37 | b931b8e286951c868b4565e02e144be2 | 25/67 (37.31%)
| 23.21.81.74:443 |
| 2018-04-18 06:24:37 | b931b8e286951c868b4565e02e144be2 | 25/67 (37.31%)
| 54.235.138.246:443 |
| 2018-04-17 16:53:27 | 400ffdeb4a4ca00b37f78e98a1248a86 | 48/67 (71.64%)
| 23.75.179.183:443 |
| 2018-04-15 22:49:05 | 94ce9105ddc8b6631f82d55c13aba73e | 56/68 (82.35%)
| 2.19.77.81:443 |
| 2018-04-13 08:25:43 | 348574c4f47fcb0398b6dffd229da6ce | 47/67 (70.15%)
| 23.8.3.4:443 |
| 2018-04-11 14:06:42 | d9e9caf31df6a26e3aaa67efba608fc7 | n/a | 31.13.92.51:443 |
| 2018-04-03 04:52:07 | ef51f2e082d18db3b5a93fd95ec1daf3 | 22/68 (32.35%)
| 31.13.86.52:443 |
| 2018-03-16 23:00:55 | cc0e0e8d8b40f72fc136bfaa0a763870 | 38/67 (56.72%)
| 31.13.70.52:443 |
| 2018-03-14 07:31:21 | 48d5ace130c21b9645903955953a33e8 | 51/67 (76.12%)
| 23.72.114.202:443 |
| 2018-03-14 07:31:21 | 48d5ace130c21b9645903955953a33e8 | 51/67 (76.12%)
| 23.72.103.25:443 |
| 2018-03-05 22:43:30 | 00c7aff0e14e0d2d2447495d5d0ddbf6 | 39/66 (59.09%)
| 185.60.216.52:443 |
| 2018-03-01 12:40:24 | 06fa09cb0679fa5b16027c55afd1931c | 18/68 (26.47%)
| 31.13.64.52:443 |
| 2018-02-28 00:32:13 | f2ca8a3f44677cffff8f0ccd8079cbb0 | 37/58 (63.79%)
| 31.13.72.53:443 |
| 2018-02-25 10:31:03 | 63ce4b79441f7b6d64b940381a6e259f | 33/67 (49.25%)
| 31.13.86.52:443 |
| 2018-02-25 08:40:47 | d04fd05a3e0c91e2658c94ed6700dc25 | 25/67 (37.31%)
| 31.13.86.52:443 |
| 2018-02-25 04:30:53 | adbd0cdf24a134da12b23f0343e5c82c | n/a | 185.60.216.52:443 |
| 2018-02-18 20:07:50 | 757be2d2c5205d838aad8f4af14e5736 | 13/65 (20.00%)
| 179.60.192.52:443 |
| 2018-02-12 23:17:07 | 57c8913cd3a36743e42d3042df96de4e | 12/66 (18.18%)
| 157.240.20.63:443 |
| 2018-02-11 04:07:25 | 43b6637e1568b86d088482626341d21b | 35/65 (53.85%)
| 31.13.86.52:443 |
| 2018-01-28 08:53:31 | 1529ad484ef9b2988e9a2d87b5db271c | 11/64 (17.19%)
| 157.240.20.63:443 |
| 2018-01-19 03:28:17 | 68cc3c3bb036fb62d2298f9f4919b75e | 29/65 (44.62%)
| 31.13.86.52:443 |
| 2018-01-06 22:18:02 | 561331d775230ace07aa5755c011bfad | 18/66 (27.27%)
| 92.122.65.18:443 |
| 2018-01-06 22:18:02 | 561331d775230ace07aa5755c011bfad | 18/66 (27.27%)
| 95.100.1.168:443 |
| 2017-12-27 23:30:42 | a960e60526e12ece4d41a9f831a35449 | 36/67 (53.73%)
| 179.60.192.52:443 |
| 2017-12-21 21:11:27 | 997540ab443919386bc070e574bb371e | 26/68 (38.24%)
| 31.13.70.52:443 |
| 2017-12-09 16:42:43 | 97aa22ef77dc6c8a2bca5eb199c495ac | n/a | 2.19.77.81:443 |
| 2017-12-04 17:59:28 | e69f25769ac59726cea6218d618d0ae2 | 36/68 (52.94%)
| 104.96.17.149:443 |
| 2017-11-30 08:11:28 | e43e5d40aa610938382393ead7bbd331 | 34/66 (51.52%)
| 23.35.100.45:443 |
| 2017-11-08 08:36:04 | a58e49df9097aa9eadde00a5877d407c | 42/67 (62.69%)
| 23.201.250.90:443 |
| 2017-11-07 07:22:50 | dcc580b8f1d434a8ac95927a40df1757 | n/a | 23.59.102.206:443 |
| 2017-10-20 11:05:53 | 85e3b8221ac85719d354ca626d77cac1 | 35/66 (53.03%)
| 104.73.136.164:443 |
| 2017-10-02 02:11:58 | 5a05ef9532b440c653a6a7e15d738e26 | 39/65 (60.00%)
| 23.38.3.183:443 |
| 2017-09-29 07:21:30 | a0bdb6e9fe96ed131ad9411b815c2519 | 23/65 (35.38%)
| 23.62.133.237:443 |
| 2017-09-26 19:54:38 | dd99e741d2ff13bb4f8550caed1ee331 | 23/63 (36.51%)
| 23.206.21.11:443 |
| 2017-09-23 18:30:35 | 801aae83b7d05f1560359b99a55ac068 | 40/65 (61.54%)
| 23.206.21.11:443 |
| 2017-09-23 17:49:01 | 7120373bd8a9c190a27e4b0e9b8ab740 | n/a | 23.206.21.11:443 |
| 2017-09-22 20:28:20 | 5db9254504122ddd24005ae60ee8a0c9 | 48/65 (73.85%)
| 2.18.119.192:443 |
| 2017-09-20 21:23:54 | cb2f0a8523293df45917dc655775501f | 41/65 (63.08%)
| 96.7.203.183:443 |
| 2017-09-20 09:21:21 | 2a6feae0ab0a987210844738767856c6 | n/a | 23.46.113.110:443 |
| 2017-09-20 05:27:37 | fe4866f83a041d608ce6f2f0ea9fc639 | n/a | 23.216.247.225:443 |
| 2017-09-20 02:05:05 | cbaa945860ec42bcaee08b4efa7e6698 | 36/65 (55.38%)
| 23.38.3.183:443 |
| 2017-09-20 02:05:05 | cbaa945860ec42bcaee08b4efa7e6698 | 36/65 (55.38%)
| 96.7.203.183:443 |
| 2017-09-20 00:33:15 | 8d171baa033c4d751e25e1aeea9b35ca | n/a | 23.35.100.45:443 |
| 2017-09-20 00:16:59 | 6117992395301e78f6566d7aafe387e3 | n/a | 2.18.119.192:443 |
| 2017-09-19 09:18:45 | 89abcf836a724f7966ca7c6837ad2416 | 27/65 (41.54%)
| 23.38.3.183:443 |
| 2017-09-18 19:05:48 | 28c9503622aa0d8b56e75a535770c5bc | 43/65 (66.15%)
| 2.19.77.81:443 |
| 2017-09-18 18:54:45 | 05ea21528c911cbfe43d5f3c10663232 | n/a | 23.206.21.11:443 |
| 2017-09-18 13:06:46 | 1d1f3d0f9b954f548b2bd339cce3d445 | 40/65 (61.54%)
| 104.81.104.99:443 |
| 2017-09-18 00:31:27 | 7c97ff43b3f3548cb2a61a2aebd9e734 | n/a | 2.17.227.183:443 |
| 2017-09-18 00:05:44 | 7b613fe0dcfc7748a9ef218f9bd58cb6 | n/a | 23.46.113.110:443 |
| 2017-08-30 15:09:04 | 7145426d4dd58673fca2d57a4cf0e234 | 23/65 (35.38%)
| 2.17.227.183:443 |
| 2017-08-23 00:42:27 | cde580f079aec84439f3e6eddecbdf1d | 27/64 (42.19%)
| 172.229.212.195:443 |
| 2017-08-23 00:42:27 | cde580f079aec84439f3e6eddecbdf1d | 27/64 (42.19%)
| 96.7.203.183:443 |
| 2017-08-20 20:17:26 | 29318300feb803c82b1b3db31afddabc | 15/64 (23.44%)
| 23.38.3.183:443 |
| 2017-08-20 14:42:41 | 561fbd9d09abe3ca13f757839e0eec8e | n/a | 23.38.3.183:443 |
# of entries: 100 (max: 100)