JA3 Fingerprints
You can find further information about the JA3 fingerprint 4d7a28d6f2263ed61de88ca66eb011e3, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 4d7a28d6f2263ed61de88ca66eb011e3 |
|---|---|
| First seen: | 2017-07-16 21:20:29 UTC |
| Last seen: | 2020-12-08 18:10:55 UTC |
| Status: | Blacklisted |
| Malware samples: | 572 |
| Destination IPs: | 105 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:07:05 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-12-08 18:10:55 | ad4ca498c7b456a331e54dc87df18b6d |  51 / 71 (71.83%)
| 216.58.215.238:443 |
| 2020-12-08 18:10:55 | ad4ca498c7b456a331e54dc87df18b6d | 51 / 71 (71.83%)
| 216.58.215.238:443 |
| 2020-12-08 10:04:02 | a60c4442a7a16076853ca6ba913bff99 | 42 / 71 (59.15%)
| 172.217.168.46:443 |
| 2020-12-08 10:04:02 | a60c4442a7a16076853ca6ba913bff99 | 42 / 71 (59.15%)
| 172.217.168.46:443 |
| 2020-12-07 17:19:35 | e522fcbf8da17706f11b4cc90445fcea | n/a | 172.217.168.14:443 |
| 2020-12-07 17:19:35 | e522fcbf8da17706f11b4cc90445fcea | n/a | 216.58.215.238:443 |
| 2020-12-07 17:19:35 | e522fcbf8da17706f11b4cc90445fcea | n/a | 216.58.215.238:443 |
| 2020-12-07 17:19:35 | e522fcbf8da17706f11b4cc90445fcea | n/a | 172.217.168.14:443 |
| 2020-12-07 09:31:52 | aaf138a7ba6a303ba4e6d0959a290f58 | 43 / 71 (60.56%)
| 172.217.168.46:443 |
| 2020-12-07 09:31:52 | aaf138a7ba6a303ba4e6d0959a290f58 | 43 / 71 (60.56%)
| 172.217.168.46:443 |
| 2020-12-07 06:00:03 | a558546b390d854c148ba9b2a678c29c | 53 / 70 (75.71%)
| 172.217.168.78:443 |
| 2020-12-07 06:00:03 | a558546b390d854c148ba9b2a678c29c | 53 / 70 (75.71%)
| 172.217.168.78:443 |
| 2020-12-07 04:42:46 | a2b8989e48182b438ee2ed4ee37885ab | n/a | 172.217.17.78:443 |
| 2020-12-07 04:42:46 | a2b8989e48182b438ee2ed4ee37885ab | n/a | 172.217.17.78:443 |
| 2020-12-06 18:21:53 | 3e0cf82634e3d4d942188f324705e319 | 49 / 68 (72.06%)
| 172.217.168.238:443 |
| 2020-12-06 18:21:53 | 3e0cf82634e3d4d942188f324705e319 | 49 / 68 (72.06%)
| 172.217.168.238:443 |
| 2020-12-06 17:35:32 | 1ec251289f125c730fa3164bcc9a3ace | n/a | 172.217.168.14:443 |
| 2020-12-06 17:35:32 | 1ec251289f125c730fa3164bcc9a3ace | n/a | 172.217.168.14:443 |
| 2020-12-06 17:23:01 | 11614911df86239742c041338096a080 | n/a | 216.58.214.14:443 |
| 2020-12-06 17:23:01 | 11614911df86239742c041338096a080 | n/a | 216.58.214.14:443 |
| 2020-12-06 16:48:45 | a1381845052860df98801de968fb2f4e | 30 / 68 (44.12%)
| 172.217.168.238:443 |
| 2020-12-06 16:48:45 | a1381845052860df98801de968fb2f4e | 30 / 68 (44.12%)
| 172.217.168.238:443 |
| 2020-12-06 15:55:43 | 6c448bd295fa893e77f2e45c3ad19100 | 31 / 70 (44.29%)
| 172.217.19.206:443 |
| 2020-12-06 15:55:43 | 6c448bd295fa893e77f2e45c3ad19100 | 31 / 70 (44.29%)
| 172.217.20.78:443 |
| 2020-12-06 15:55:43 | 6c448bd295fa893e77f2e45c3ad19100 | 31 / 70 (44.29%)
| 172.217.19.206:443 |
| 2020-12-06 15:55:43 | 6c448bd295fa893e77f2e45c3ad19100 | 31 / 70 (44.29%)
| 172.217.20.78:443 |
| 2020-12-06 15:06:04 | 09f3eed657c489d8dfaba7cb7b607059 | n/a | 216.58.214.14:443 |
| 2020-12-06 15:06:04 | 09f3eed657c489d8dfaba7cb7b607059 | n/a | 216.58.214.14:443 |
| 2020-12-06 14:52:39 | 1877a3988ffa939b507578f646a82e9a | n/a | 172.217.19.206:443 |
| 2020-12-06 14:52:39 | 1877a3988ffa939b507578f646a82e9a | n/a | 172.217.17.110:443 |
| 2020-12-06 14:52:39 | 1877a3988ffa939b507578f646a82e9a | n/a | 172.217.17.110:443 |
| 2020-12-06 14:52:39 | 1877a3988ffa939b507578f646a82e9a | n/a | 172.217.19.206:443 |
| 2020-12-06 13:50:00 | fdaeea142b908bc2acd01943b63ae0c9 | n/a | 172.217.17.78:443 |
| 2020-12-06 13:50:00 | fdaeea142b908bc2acd01943b63ae0c9 | n/a | 172.217.17.78:443 |
| 2020-12-06 12:50:03 | fc991d0a9fd7ed65f3ad9525848e30a4 | n/a | 172.217.19.206:443 |
| 2020-12-06 12:50:03 | fc991d0a9fd7ed65f3ad9525848e30a4 | n/a | 172.217.19.206:443 |
| 2020-12-06 11:16:06 | dfd29affc574e702b4b75713d1c80d80 | 40 / 70 (57.14%)
| 172.217.17.78:443 |
| 2020-12-06 11:16:06 | dfd29affc574e702b4b75713d1c80d80 | 40 / 70 (57.14%)
| 172.217.17.78:443 |
| 2020-12-06 10:23:20 | ccd4f25d772a46997c80fce86c0b2939 | n/a | 216.58.214.14:443 |
| 2020-12-06 10:23:20 | ccd4f25d772a46997c80fce86c0b2939 | n/a | 216.58.214.14:443 |
| 2020-12-06 09:52:14 | beb211923f9d8c600ded60fafbf1cad3 | n/a | 172.217.168.78:443 |
| 2020-12-06 09:52:14 | beb211923f9d8c600ded60fafbf1cad3 | n/a | 172.217.168.78:443 |
| 2020-12-06 02:20:11 | 93bbddbb403c7720d36983683d7b485a | 53 / 71 (74.65%)
| 172.217.168.46:443 |
| 2020-12-06 02:20:11 | 93bbddbb403c7720d36983683d7b485a | 53 / 71 (74.65%)
| 172.217.168.46:443 |
| 2020-12-06 01:46:21 | 773dbc0b229903f101167e8c5b27dba3 | n/a | 172.217.168.46:443 |
| 2020-12-06 01:46:21 | 773dbc0b229903f101167e8c5b27dba3 | n/a | 172.217.168.46:443 |
| 2020-12-06 01:01:55 | 440905da0bb2df162dbd7a5af980b2e4 | n/a | 172.217.168.78:443 |
| 2020-12-06 01:01:55 | 440905da0bb2df162dbd7a5af980b2e4 | n/a | 172.217.168.14:443 |
| 2020-12-06 01:01:55 | 440905da0bb2df162dbd7a5af980b2e4 | n/a | 172.217.168.78:443 |
| 2020-12-06 01:01:55 | 440905da0bb2df162dbd7a5af980b2e4 | n/a | 172.217.168.14:443 |
| 2020-12-06 00:41:33 | 057286ae90b983664cf31dc5a197b101 | n/a | 172.217.168.14:443 |
| 2020-12-06 00:41:33 | 057286ae90b983664cf31dc5a197b101 | n/a | 172.217.168.14:443 |
| 2020-12-05 19:22:03 | 6e3387ad2119a28dfaf32ca25c6731fd | n/a | 172.217.168.14:443 |
| 2020-12-05 19:22:03 | 6e3387ad2119a28dfaf32ca25c6731fd | n/a | 172.217.168.14:443 |
| 2020-12-05 19:22:02 | 6e3387ad2119a28dfaf32ca25c6731fd | n/a | 216.58.215.238:443 |
| 2020-12-05 19:22:02 | 6e3387ad2119a28dfaf32ca25c6731fd | n/a | 216.58.215.238:443 |
| 2020-12-05 18:22:01 | 3f7fb339f85c53faedc92b9fc84d4eed | n/a | 172.217.168.14:443 |
| 2020-12-05 18:22:01 | 3f7fb339f85c53faedc92b9fc84d4eed | n/a | 172.217.168.14:443 |
| 2020-12-05 17:35:38 | 1f9f5b6b4e513a017076a16f750c8b0d | n/a | 172.217.168.14:443 |
| 2020-12-05 17:35:38 | 1f9f5b6b4e513a017076a16f750c8b0d | n/a | 172.217.168.14:443 |
| 2020-12-05 17:35:37 | 1f9f5b6b4e513a017076a16f750c8b0d | n/a | 216.58.215.238:443 |
| 2020-12-05 17:35:37 | 1f9f5b6b4e513a017076a16f750c8b0d | n/a | 216.58.215.238:443 |
| 2020-12-05 17:32:13 | 1c2b848abbdf5ad034972a1ac37c0176 | 57 / 71 (80.28%)
| 172.217.168.14:443 |
| 2020-12-05 17:32:13 | 1c2b848abbdf5ad034972a1ac37c0176 | 57 / 71 (80.28%)
| 172.217.168.14:443 |
| 2020-12-05 17:32:12 | 1c2b848abbdf5ad034972a1ac37c0176 | 57 / 71 (80.28%)
| 172.217.168.46:443 |
| 2020-12-05 17:32:12 | 1c2b848abbdf5ad034972a1ac37c0176 | 57 / 71 (80.28%)
| 172.217.168.46:443 |
| 2020-12-05 07:04:46 | ab0aa372128a11105b58ebf2089794a8 | 51 / 71 (71.83%)
| 172.217.168.14:443 |
| 2020-12-05 07:04:46 | ab0aa372128a11105b58ebf2089794a8 | 51 / 71 (71.83%)
| 172.217.168.14:443 |
| 2020-12-04 22:25:32 | 83f3ebd55f5eeccb8c9b9776733f8f8a | n/a | 216.58.215.238:443 |
| 2020-12-04 22:25:32 | 83f3ebd55f5eeccb8c9b9776733f8f8a | n/a | 216.58.215.238:443 |
| 2020-12-04 22:25:29 | 83f3ebd55f5eeccb8c9b9776733f8f8a | n/a | 172.217.168.14:443 |
| 2020-12-04 22:25:29 | 83f3ebd55f5eeccb8c9b9776733f8f8a | n/a | 172.217.168.14:443 |
| 2020-12-04 21:53:18 | 5f9347d7ccbe4d014e3dd73c796f4d40 | 43 / 62 (69.35%)
| 172.217.168.14:443 |
| 2020-12-04 21:53:18 | 5f9347d7ccbe4d014e3dd73c796f4d40 | 43 / 62 (69.35%)
| 172.217.168.14:443 |
| 2020-12-04 21:53:17 | 5f9347d7ccbe4d014e3dd73c796f4d40 | 43 / 62 (69.35%)
| 172.217.168.78:443 |
| 2020-12-04 21:53:17 | 5f9347d7ccbe4d014e3dd73c796f4d40 | 43 / 62 (69.35%)
| 172.217.168.78:443 |
| 2020-12-04 20:58:02 | 374badcf8a4502944402f834682fa6a7 | n/a | 172.217.168.46:443 |
| 2020-12-04 20:58:02 | 374badcf8a4502944402f834682fa6a7 | n/a | 172.217.168.46:443 |
| 2020-12-04 16:46:08 | f9fd42bd9205b337e600026837b3aa82 | 39 / 68 (57.35%)
| 216.58.215.238:443 |
| 2020-12-04 16:46:08 | f9fd42bd9205b337e600026837b3aa82 | 39 / 68 (57.35%)
| 216.58.215.238:443 |
| 2020-12-04 09:22:10 | e20b7da24c306439a408cd77f21a5994 | 50 / 71 (70.42%)
| 172.217.20.78:443 |
| 2020-12-04 09:22:10 | e20b7da24c306439a408cd77f21a5994 | 50 / 71 (70.42%)
| 172.217.20.78:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 172.217.168.14:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 172.217.168.14:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 172.217.168.46:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 216.58.215.238:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 172.217.168.46:443 |
| 2020-12-04 08:26:48 | dcf5603d21cf2c82ed5d0767e15410cc | n/a | 216.58.215.238:443 |
| 2020-12-03 19:35:18 | 251cc5e36d538fb08f29602dfd0b0d32 | 53 / 71 (74.65%)
| 172.217.168.78:443 |
| 2020-12-03 19:35:18 | 251cc5e36d538fb08f29602dfd0b0d32 | 53 / 71 (74.65%)
| 172.217.168.78:443 |
| 2020-12-03 10:43:00 | 407d35010e5c22848d145ec5338b5269 | 50 / 70 (71.43%)
| 172.217.168.14:443 |
| 2020-12-03 10:43:00 | 407d35010e5c22848d145ec5338b5269 | 50 / 70 (71.43%)
| 172.217.168.14:443 |
| 2020-12-02 08:50:21 | ac6e6481f4403be34b45b252e2867124 | 49 / 71 (69.01%)
| 172.217.168.238:443 |
| 2020-12-02 08:50:21 | ac6e6481f4403be34b45b252e2867124 | 49 / 71 (69.01%)
| 172.217.168.238:443 |
| 2020-12-02 06:44:00 | aa0704191b7f19ba3c50460c4c733f47 | 52 / 71 (73.24%)
| 172.217.17.78:443 |
| 2020-12-02 06:44:00 | aa0704191b7f19ba3c50460c4c733f47 | 52 / 71 (73.24%)
| 172.217.17.78:443 |
| 2020-12-02 05:36:17 | a87f41d5c94487a7a1a680c2cb2a8d25 | 47 / 71 (66.20%)
| 216.58.215.238:443 |
| 2020-12-02 05:36:17 | a87f41d5c94487a7a1a680c2cb2a8d25 | 47 / 71 (66.20%)
| 216.58.215.238:443 |
| 2020-12-02 02:19:47 | a02f8ab2766fe9b8e9f598fc85935217 | 50 / 69 (72.46%)
| 216.58.215.238:443 |
| 2020-12-02 02:19:47 | a02f8ab2766fe9b8e9f598fc85935217 | 50 / 69 (72.46%)
| 216.58.215.238:443 |
# of entries: 100 (max: 100)