JA3 Fingerprints

You can find further information about the JA3 fingerprint 4d7a28d6f2263ed61de88ca66eb011e3, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:4d7a28d6f2263ed61de88ca66eb011e3
First seen:2017-07-16 21:20:29 UTC
Last seen:2018-12-27 19:29:28 UTC
Status:Blacklisted
Malware samples:220
Destination IPs:48
Malware:Tofsee -
Listing date:2018-11-14 12:07:05

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2018-12-27 19:29:284577728e7e6ea0c371746efd0341813aVirustotal results 46/71 (64.79%) 159.153.191.240:443
2018-09-30 01:38:090c79c9884f04a63edad772041ecd50b5Virustotal results 28/68 (41.18%) 104.23.129.76:443
2018-09-30 01:38:080c79c9884f04a63edad772041ecd50b5Virustotal results 28/68 (41.18%) 104.23.128.76:443
2018-06-07 15:08:04e4dc03171de9820704f39c606a41bc16Virustotal results 35/68 (51.47%) 137.188.80.125:443
2018-06-07 15:08:04e4dc03171de9820704f39c606a41bc16Virustotal results 35/68 (51.47%) 162.115.16.125:443
2018-05-27 16:49:29776195c2c1b308a058b81eceed594120Virustotal results 48/66 (72.73%) 162.115.16.125:443
2018-05-27 03:07:16783021390eb7e74480eedcbea3490528Virustotal results 28/66 (42.42%) 162.115.16.125:443
2018-05-15 10:55:21a036a33fa28347cf24a3182b1f6e5cf0Virustotal results 40/66 (60.61%) 104.23.129.76:443
2018-04-14 14:30:5625e8f37cc18bc29ebb44146863807f48Virustotal results 52/65 (80.00%) 104.23.128.76:443
2018-04-14 05:53:245bdfecf6149389541b4fdf7df04fd51bVirustotal results 46/66 (69.70%) 104.23.129.76:443
2018-04-13 19:19:062cea4eae8b406d61bcc4ee0a8ec15b30Virustotal results 20/67 (29.85%) 104.23.128.76:443
2018-04-13 11:01:187c06a85fbdf33477ac2458c957e056afVirustotal results 37/66 (56.06%) 104.23.128.76:443
2018-04-13 05:58:24e64d5d4dbc43d97734685452cf1ca6f8Virustotal results 37/67 (55.22%) 151.101.1.204:443
2018-04-13 05:58:24e64d5d4dbc43d97734685452cf1ca6f8Virustotal results 37/67 (55.22%) 104.73.128.139:443
2018-04-13 05:58:24e64d5d4dbc43d97734685452cf1ca6f8Virustotal results 37/67 (55.22%) 23.62.139.229:443
2018-04-13 05:50:519dd0234c87263823f4c5057cb0929f9bVirustotal results 46/66 (69.70%) 104.23.128.76:443
2018-04-13 05:28:2214587f387748738734bea6b4eb73e829Virustotal results 22/66 (33.33%) 104.23.129.76:443
2018-04-12 13:05:27d4cdea885cda1af1ba443b077c7f1b90Virustotal results 48/68 (70.59%) 104.23.129.76:443
2018-04-12 11:15:32f9eddd9e40e022fce7df47dac99658fcVirustotal results 46/67 (68.66%) 104.23.128.76:443
2018-04-12 10:52:2515b4dfb3eb33e600c8b8dd9ffbddff56n/a104.23.129.76:443
2018-04-12 10:44:38bbf64f00315bf0b041c272ab8dbd5673Virustotal results 48/66 (72.73%) 104.23.129.76:443
2018-04-12 10:38:198a744de2f3f06242f7d46169070674c3Virustotal results 45/67 (67.16%) 104.23.129.76:443
2018-04-12 08:28:12765a08becdd0ea6d493975482b1c4b45Virustotal results 51/67 (76.12%) 104.23.128.76:443
2018-04-12 07:54:26b98d69200efc7e25d9ac374d784eabf3Virustotal results 49/68 (72.06%) 104.23.129.76:443
2018-04-12 06:19:094cac438a756607a22168d7945014b4c4n/a104.23.129.76:443
2018-04-12 02:40:201a46aefe7c52e3ec254e483d7fcd1a87Virustotal results 43/67 (64.18%) 104.23.129.76:443
2018-04-11 19:53:06fc9502e2ad515748fb3a5b6d563c4131Virustotal results 47/66 (71.21%) 104.23.128.76:443
2018-04-11 18:58:10029951d316f148f9505cfdd19521a001Virustotal results 40/67 (59.70%) 104.23.128.76:443
2018-04-11 14:50:3651623a66de974b06cdde948f05dda67aVirustotal results 47/67 (70.15%) 104.23.128.76:443
2018-04-11 12:20:05edb870fd96a7a47c5c12cb7d0d07b770Virustotal results 42/67 (62.69%) 104.23.129.76:443
2018-04-11 11:09:12dd5a767f86b47d5d195c3522123488d1Virustotal results 47/66 (71.21%) 104.23.128.76:443
2018-04-11 06:55:453f6d6a78d9e3275529eb1141c97e1d41n/a104.23.129.76:443
2018-04-11 05:52:083a84bbbb7143d89f6d9de0d8b984d8f2Virustotal results 47/67 (70.15%) 104.23.128.76:443
2018-04-11 02:52:39154ab980a14922b4eb279513108fcdd7Virustotal results 40/67 (59.70%) 104.23.129.76:443
2018-04-11 02:23:06ae726080b4dd2ecaea054214e97223b8Virustotal results 50/68 (73.53%) 104.23.129.76:443
2018-04-11 01:14:40e3ec22bac7271fee406e8f306ab0dbc5Virustotal results 43/65 (66.15%) 104.23.128.76:443
2018-04-10 21:55:50bb3c915fe5f4d92af2444ec0f73331f7Virustotal results 48/66 (72.73%) 104.23.128.76:443
2018-04-10 21:06:43d36700c54616c686afc0e36429afbf37Virustotal results 47/68 (69.12%) 104.23.129.76:443
2018-04-10 06:09:26e034fdf786914cdc31488ad9d107ea54Virustotal results 46/67 (68.66%) 104.23.129.76:443
2018-04-10 04:08:4553270fd30f143b9af81287dcfdc82edfVirustotal results 48/67 (71.64%) 104.23.128.76:443
2018-04-09 21:04:1720f0a425d4dd52db90681cfa88eb2841Virustotal results 54/67 (80.60%) 104.23.129.76:443
2018-04-09 13:07:533da3a15b908645b8d1b8cc5076865822Virustotal results 49/67 (73.13%) 104.23.129.76:443
2018-04-09 05:00:29c844cb17313970d87c3d44a849a1ac62Virustotal results 45/68 (66.18%) 104.23.128.76:443
2018-04-08 19:23:57eb9968d785448d597c946c51a737d607Virustotal results 47/67 (70.15%) 104.23.128.76:443
2018-04-08 14:25:0703b5df405d1e76a179deaa72f77d4ed8Virustotal results 51/67 (76.12%) 104.23.128.76:443
2018-04-08 10:31:46807925b450d6e74835aa57fb6b914898Virustotal results 45/68 (66.18%) 104.23.129.76:443
2018-04-08 06:52:05054ef22aaff0a79b32bad40886ded43dVirustotal results 45/67 (67.16%) 104.23.129.76:443
2018-04-08 03:23:292add760122abd05cfdb19bdfdbab56feVirustotal results 44/66 (66.67%) 104.23.128.76:443
2018-04-07 20:00:4273dee7b109a70a3675e08ba6e6cf878fVirustotal results 43/66 (65.15%) 104.23.128.76:443
2018-04-07 15:42:321e3fe31671dfc1cd7ec37ab42ace773aVirustotal results 44/66 (66.67%) 104.23.129.76:443
2018-04-06 16:58:41cbe5e37e044ec0b1f490c70252414c8dVirustotal results 22/67 (32.84%) 104.23.128.76:443
2018-04-06 06:21:36782b20f2fc7a9aafd07a52e75edba9b8Virustotal results 45/67 (67.16%) 104.23.129.76:443
2018-04-06 04:14:50132403a7d44cf147b2d4f079f9f63335Virustotal results 38/67 (56.72%) 104.23.129.76:443
2018-04-06 03:12:53923a25c51793a57bd686ab7009083d21Virustotal results 46/68 (67.65%) 104.23.128.76:443
2018-04-05 08:20:24e7fedd97c2dc02670e98ac1d53b6e8e6Virustotal results 37/66 (56.06%) 104.23.129.76:443
2018-04-04 14:32:27e6f3376f71c0666219994209bfb601d5Virustotal results 37/62 (59.68%) 104.23.129.76:443
2018-04-04 11:24:21fa61e7ebe53ad142d39a2a3387ca9e47Virustotal results 33/67 (49.25%) 104.23.129.76:443
2018-04-04 10:04:22d9df09d6a18034d6657e981037820401Virustotal results 37/66 (56.06%) 104.23.129.76:443
2018-04-04 09:50:31e8b0af748392bccb2d6d6f347ebb6aa1Virustotal results 45/66 (68.18%) 104.23.129.76:443
2018-04-03 14:23:13508affdf688abc343f30cde31644e0aeVirustotal results 40/65 (61.54%) 104.23.128.76:443
2018-04-03 07:51:22478599a82e810dcb0d2a4b5e27eeee1cVirustotal results 47/68 (69.12%) 104.23.129.76:443
2018-04-03 03:27:1405335598fec2d633491a18b99cd19f09Virustotal results 47/66 (71.21%) 104.23.128.76:443
2018-03-31 08:32:14f61c6ccf00bc655ffd4c3f656d33f575n/a104.23.129.76:443
2018-03-30 19:35:19fde34c444171b85819e7fbb16fbab7can/a104.23.129.76:443
2018-03-30 03:03:025b1ef4ee39163aac5d892166e6823224Virustotal results 40/67 (59.70%) 104.23.128.76:443
2018-03-30 00:15:33026a98309e4b73ac2cfa51d9e37bbd1eVirustotal results 43/66 (65.15%) 104.23.129.76:443
2018-03-28 22:30:022d688be73c740afa5c983b706d5b8b9cVirustotal results 48/67 (71.64%) 104.23.129.76:443
2018-03-28 19:20:38b797aa28d848e8d679026d6bb23a1966n/a104.23.128.76:443
2018-03-28 02:26:435247e800aa6c85bd9dd169c9567b5dc2Virustotal results 48/67 (71.64%) 104.23.128.76:443
2018-03-27 05:49:16cc098795137d19f6dd78caa888904d43Virustotal results 49/66 (74.24%) 104.23.129.76:443
2018-03-27 05:43:5356752e504fb6bc5c321733b7d24d5a67Virustotal results 48/66 (72.73%) 104.23.128.76:443
2018-03-27 02:37:36e1a907be3bcd58a2756370a9abdc5fc5Virustotal results 41/67 (61.19%) 104.23.129.76:443
2018-03-27 02:37:36e1a907be3bcd58a2756370a9abdc5fc5Virustotal results 41/67 (61.19%) 104.23.128.76:443
2018-03-27 02:02:09554e49c065a6cf9b710125e694d6be47Virustotal results 48/66 (72.73%) 104.23.128.76:443
2018-03-27 00:15:5975c955d68b5661bb8aceea770b2b3cb3n/a104.23.128.76:443
2018-03-26 20:24:3302fd29ddd117ccbb336f8d78f17921c2Virustotal results 42/65 (64.62%) 23.205.181.35:443
2018-03-26 12:54:46575ac9fa340bfe1b04d66773c17467d5Virustotal results 46/66 (69.70%) 104.23.128.76:443
2018-03-26 06:09:38eaed5e2692eaa2348ae3ae4806f6b010Virustotal results 42/66 (63.64%) 104.23.129.76:443
2018-03-26 04:58:31b5066bece918344ced7e6c66e55030d1Virustotal results 39/65 (60.00%) 104.23.129.76:443
2018-03-26 04:58:31b5066bece918344ced7e6c66e55030d1Virustotal results 39/65 (60.00%) 162.115.208.125:443
2018-03-26 01:11:09fde057404dbb0c65d2a33e5dc083411fVirustotal results 34/68 (50.00%) 162.115.16.125:443
2018-03-25 07:58:551089de0b3c0f3e774ef40ab7b9e320f6Virustotal results 39/65 (60.00%) 162.115.208.125:443
2018-03-25 07:58:551089de0b3c0f3e774ef40ab7b9e320f6Virustotal results 39/65 (60.00%) 162.115.16.125:443
2018-03-25 07:58:551089de0b3c0f3e774ef40ab7b9e320f6Virustotal results 39/65 (60.00%) 104.23.128.76:443
2018-03-25 07:58:551089de0b3c0f3e774ef40ab7b9e320f6Virustotal results 39/65 (60.00%) 137.188.80.125:443
2018-03-24 21:34:47e1e09d9d455eca070998ddfe3538be07Virustotal results 41/66 (62.12%) 104.23.129.76:443
2018-03-24 19:58:03ee301745fa9c17cd859bf03cc67a67e6Virustotal results 38/57 (66.67%) 104.23.129.76:443
2018-03-24 13:57:57197e47d22ea0f25906a824ba53245eb0Virustotal results 38/65 (58.46%) 104.23.128.76:443
2018-03-24 13:57:57197e47d22ea0f25906a824ba53245eb0Virustotal results 38/65 (58.46%) 104.85.23.60:443
2018-03-24 11:04:572f58405df57100452dbae692921292adVirustotal results 40/66 (60.61%) 104.23.128.76:443
2018-03-24 08:25:13fbdb2aa073382cc1ef55387e473fed67Virustotal results 44/65 (67.69%) 104.23.128.76:443
2018-03-24 06:51:33e579700ba4c8a6ce827a0293222e57f4Virustotal results 39/65 (60.00%) 2.19.72.232:443
2018-03-24 04:46:067a0371a45e06933a9fa7789b2f8ec130Virustotal results 17/65 (26.15%) 104.23.128.76:443
2018-03-24 04:10:37e0dec0e7807a1de19d385d87e89f1a15Virustotal results 38/67 (56.72%) 104.23.128.76:443
2018-03-24 03:07:58fe27e8c9e8e6fc47cd6974205124e701Virustotal results 44/66 (66.67%) 104.23.128.76:443
2018-03-24 01:35:3006b9eff5bf49c2f52c0c428269df9009Virustotal results 40/66 (60.61%) 104.23.129.76:443
2018-03-24 00:48:403e5a7755f49c661f89b9613ffdb7d2a7Virustotal results 42/66 (63.64%) 104.23.129.76:443
2018-03-23 23:09:510450d1b3d81372b482d108469f3b39b4Virustotal results 19/67 (28.36%) 104.23.129.76:443
2018-03-23 22:31:31496f728dcd48a9be9d57eb4429d4e011Virustotal results 18/68 (26.47%) 104.23.128.76:443
2018-03-23 10:21:26fbb31d75f2332a213f9f3cc3610a92d9Virustotal results 40/64 (62.50%) 104.23.128.76:443

# of entries: 100 (max: 100)