JA3 Fingerprints
You can find further information about the JA3 fingerprint 57f3642b4e37e28f5cbe3020c9331b4c, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 57f3642b4e37e28f5cbe3020c9331b4c |
|---|---|
| First seen: | 2018-08-28 15:54:53 UTC |
| Last seen: | 2020-03-29 10:49:33 UTC |
| Status: | Blacklisted |
| Malware samples: | 4'400 |
| Destination IPs: | 306 |
| Malware: | Gozi  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-03-29 10:49:33 | c7efc35952329e7ee48c91f66a03fb63 |  56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-29 03:42:47 | b08690f6defe8e5db71e8ee7edbae09b | 51 / 72 (70.83%)
| 152.199.19.161:443 |
| 2020-03-29 03:37:35 | c719191d5c9abade5d456f45d9624609 | 55 / 73 (75.34%)
| 152.199.19.161:443 |
| 2020-03-28 17:49:25 | 2d9238a3527a5695044b5b3ef66f0834 | 44 / 73 (60.27%)
| 72.21.81.200:443 |
| 2020-03-28 09:31:28 | c30209d257276f76a6a1ea50ee1af04a | 54 / 72 (75.00%)
| 152.199.19.161:443 |
| 2020-03-28 09:20:56 | c0ba4577227e40ec6175db2dc4c0cded | 63 / 73 (86.30%)
| 152.199.19.161:443 |
| 2020-03-28 04:51:58 | c02f75c47221f323e848e9d4f3ad0e19 | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-27 03:58:08 | afc2137fe9bb5d922e5b10069c585c1d | 52 / 72 (72.22%)
| 152.199.19.161:443 |
| 2020-03-26 19:00:04 | 4a4596e13b6e0bf5160020f09bacf557 | 59 / 73 (80.82%)
| 152.199.19.161:443 |
| 2020-03-26 18:35:28 | 84fb8e23c81e3b742f64a7de037ac1e5 | 57 / 72 (79.17%)
| 72.21.81.200:443 |
| 2020-03-26 08:26:42 | d58ef05bdd9230efe456c16d41864989 | n/a | 152.199.19.161:443 |
| 2020-03-26 07:51:53 | 00f958c573fa0e0be4155e2fde8a9fb9 | n/a | 152.199.19.161:443 |
| 2020-03-26 06:53:12 | 9a6bc8640f3b82094d3410b992cb41b2 | n/a | 152.199.19.161:443 |
| 2020-03-26 06:21:25 | 97e51b5b7bf92823331773b02d5bd487 | 57 / 73 (78.08%)
| 152.199.19.161:443 |
| 2020-03-26 05:55:30 | 2f4c01e04f79c15b955b1c2d8c6ea8e2 | 56 / 72 (77.78%)
| 152.199.19.161:443 |
| 2020-03-26 05:32:46 | 257b9f64b3b1a58d44141c38c8779ce5 | n/a | 152.199.19.161:443 |
| 2020-03-26 03:53:59 | a165399d57e3c56dcc62665898d919f2 | 57 / 72 (79.17%)
| 152.199.19.161:443 |
| 2020-03-26 02:32:02 | 7b9d610be5c217875d527498dbd2dab0 | 58 / 73 (79.45%)
| 152.199.19.161:443 |
| 2020-03-25 19:04:42 | cabdf9de9d6290aea42505d83b56ef0e | 43 / 71 (60.56%)
| 165.22.207.20:443 |
| 2020-03-25 16:40:43 | 7587f76687bccebcf4b8df56d24ca081 | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-25 16:34:47 | 5b8ce1c73dc5191d5db84f9c55e1afa7 | n/a | 72.21.81.200:443 |
| 2020-03-25 14:35:19 | 426fc6e9b05c7500936ec90a5edab00e | n/a | 152.199.19.161:443 |
| 2020-03-25 13:53:31 | b210928d17fa45bc59ab725451650221 | n/a | 152.199.19.161:443 |
| 2020-03-25 13:26:45 | 40127dbcb98eea81f3a6994a135dfb0f | n/a | 152.199.19.161:443 |
| 2020-03-25 12:08:08 | bf4557952f0f0002bb96ff2a0ebe8d75 | n/a | 152.199.19.161:443 |
| 2020-03-25 11:55:35 | 2fe18127086336a43b665dc50b14fe12 | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-25 11:45:06 | 69cd066e74ddead121aef7cc069be8a8 | 52 / 72 (72.22%)
| 152.199.19.161:443 |
| 2020-03-25 11:05:11 | 088774c4adc0e2664efd19fab36b960a | 56 / 73 (76.71%)
| 72.21.81.200:443 |
| 2020-03-25 10:35:58 | 332d4f0a242d143e17a02a72f726028e | n/a | 152.199.19.161:443 |
| 2020-03-25 10:28:53 | c4b3c8b76c9c54fdd15350cf36573c2d | 56 / 72 (77.78%)
| 152.199.19.161:443 |
| 2020-03-25 10:02:21 | 0eeaca8998ca976f1afd2fada213b4ff | 58 / 73 (79.45%)
| 152.199.19.161:443 |
| 2020-03-25 09:52:12 | c2e4cb3987b8793bf0f017b400e1e0f3 | n/a | 152.199.19.161:443 |
| 2020-03-25 09:36:52 | 39d68ff70c2e0b8e97b2eaa6ff5b02d8 | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-25 08:12:08 | 67c0a1f4d19c99d6f28aee080dff0946 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-25 07:27:04 | 5554469bd7568e8a7684b28375521e0f | n/a | 152.199.19.161:443 |
| 2020-03-24 16:27:37 | 269836415acd5f93b5320c2fe2929f40 | n/a | 152.199.19.161:443 |
| 2020-03-24 16:13:38 | d3031facce8d104778a13ae22e51c410 | 58 / 73 (79.45%)
| 72.21.81.200:443 |
| 2020-03-24 16:12:30 | e2aa991ca47fa4aec17cb8af9b5521cb | 53 / 72 (73.61%)
| 152.199.19.161:443 |
| 2020-03-24 16:07:25 | bc34e8e7b4ea11acdb4884223a00c42e | 54 / 72 (75.00%)
| 152.199.19.161:443 |
| 2020-03-24 15:43:05 | 39e1ac7c62c18538e8d6d9bf4df912af | 55 / 73 (75.34%)
| 152.199.19.161:443 |
| 2020-03-24 15:35:40 | 9e3da1aa1004d8177c18cbb11d430d62 | 56 / 72 (77.78%)
| 152.199.19.161:443 |
| 2020-03-24 15:32:39 | ec1d7582d71cc4335eb6252fa53ecc74 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 15:22:15 | 80483dbdfe45cb7d2b82afa394e26714 | 56 / 72 (77.78%)
| 72.21.81.200:443 |
| 2020-03-24 14:07:29 | 2b9d23ee00455367e795372e2478456c | 54 / 73 (73.97%)
| 152.199.19.161:443 |
| 2020-03-24 13:31:09 | a6aeea057ae6811f20f7f4baad5858f9 | n/a | 152.199.19.161:443 |
| 2020-03-24 13:21:10 | 6dd666eca28e53156790945e6f9bf423 | 55 / 73 (75.34%)
| 152.199.19.161:443 |
| 2020-03-24 10:58:05 | c0586f945eac8f7dfe95426339201a02 | 59 / 72 (81.94%)
| 152.199.19.161:443 |
| 2020-03-24 09:48:35 | ad3b1a12662e4b5b71b593840e466edd | 54 / 73 (73.97%)
| 152.199.19.161:443 |
| 2020-03-24 09:45:24 | e7a1c7773e8d090f7014d50f886fae28 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 08:44:05 | 904601c444170fe913b5c57ef5d12813 | 59 / 73 (80.82%)
| 152.199.19.161:443 |
| 2020-03-24 08:05:49 | c6f0365c18ba7d005d420af9c1de4cb2 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 06:30:55 | e9aaf22b3b808c24179a00eec96b41a0 | 53 / 72 (73.61%)
| 152.199.19.161:443 |
| 2020-03-24 05:38:11 | c07e59fd70c39e831b49502fce4c9e48 | 55 / 73 (75.34%)
| 152.199.19.161:443 |
| 2020-03-24 04:53:53 | 94815fe1e99aaac6e4214a65394ec6e1 | 57 / 72 (79.17%)
| 152.199.19.161:443 |
| 2020-03-24 04:26:25 | 64c5226094ba5d60a1dceca00137aeee | 55 / 71 (77.46%)
| 152.199.19.161:443 |
| 2020-03-24 02:55:58 | 4862433efc50874cb107d7479fadfbc6 | 57 / 73 (78.08%)
| 152.199.19.161:443 |
| 2020-03-24 02:50:42 | 23a7fed09048a6c8c342d5974a0d04f1 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 02:16:55 | ade1fce26a20f2985301677912bd0114 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 01:34:11 | 39a3aaa8723c21b5a4c19e30cede0e16 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-24 00:26:52 | 055a844b609960f8d4d035902e906b04 | 51 / 71 (71.83%)
| 152.199.19.161:443 |
| 2020-03-23 23:16:13 | dc54cd7531f368e87860dcfba66bdd25 | 56 / 73 (76.71%)
| 72.21.81.200:443 |
| 2020-03-23 20:28:14 | 8b9842e131b698c9b8c9c464d678a0e6 | n/a | 152.199.19.161:443 |
| 2020-03-22 19:53:09 | bb38fe9af67b31b1599203461b64b229 | n/a | 93.184.221.189:443 |
| 2020-03-22 08:08:21 | bbb86a199a0c6fb7742f41acd95e4b90 | 56 / 72 (77.78%)
| 152.199.19.161:443 |
| 2020-03-22 02:28:01 | 597184757c930333d7857062c510d3ce | n/a | 152.199.19.161:443 |
| 2020-03-21 13:11:52 | b0a39a4d9e06a3ee084912696724cd80 | 52 / 73 (71.23%)
| 152.199.19.161:443 |
| 2020-03-20 20:56:28 | b9b03035e34c5fc32eed7a9baa9f8a73 | 54 / 72 (75.00%)
| 152.199.19.161:443 |
| 2020-03-20 18:59:24 | bdbc74695a71c0ae0fa5e7b8b3d36d74 | n/a | 152.199.19.161:443 |
| 2020-03-20 17:43:18 | c2b1dd26c241b3fa0c1f540abdc49c62 | n/a | 152.199.19.161:443 |
| 2020-03-20 16:17:46 | de41a38673359fa4e95031a275b59020 | 47 / 72 (65.28%)
| 5.226.180.27:443 |
| 2020-03-20 16:17:46 | de41a38673359fa4e95031a275b59020 | 47 / 72 (65.28%)
| 5.226.180.67:443 |
| 2020-03-20 13:18:34 | 40370c3dfbdb3d7db9c6beb37c8223f4 | 48 / 73 (65.75%)
| 152.199.19.161:443 |
| 2020-03-20 06:16:06 | afc195132f2feb402422673470c5c14b | 57 / 74 (77.03%)
| 152.199.19.161:443 |
| 2020-03-19 18:46:39 | c2f47ac40ad1300b39a8e7deded39a83 | n/a | 152.199.19.161:443 |
| 2020-03-19 18:37:00 | a15748ae49cbc2de7cd097db2b4566de | 53 / 73 (72.60%)
| 152.199.19.161:443 |
| 2020-03-19 18:26:49 | 190a29f245895f280938e85b271f0361 | 62 / 72 (86.11%)
| 152.199.19.161:443 |
| 2020-03-19 03:07:35 | c04e6c59bfc4b6ee34111d40667e9642 | 64 / 72 (88.89%)
| 152.199.19.161:443 |
| 2020-03-19 02:16:22 | c2993dd223fe4d68af4e8bcd6e5dcb97 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-18 13:58:03 | a6d40a3e458bc87260047b13d2158843 | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-18 11:54:24 | 1d5b1abccddd691d386f55fbd469d62f | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-18 10:23:08 | bebc89cabae77fa9fc07fc94b2ebab4e | 56 / 73 (76.71%)
| 152.199.19.161:443 |
| 2020-03-18 09:10:08 | 16590957e86c950a450a0894ff52abee | n/a | 93.184.221.189:443 |
| 2020-03-17 22:13:34 | 18625a54268584bfa37c9dffd1ae9097 | 55 / 72 (76.39%)
| 152.199.19.161:443 |
| 2020-03-17 20:54:24 | b29476429c73901560382ea55dc3eccb | 46 / 71 (64.79%)
| 72.21.81.200:443 |
| 2020-03-17 19:39:35 | 2071068b4e30a0d5c289dbfa25bdc09d | 29 / 73 (39.73%)
| 165.22.207.20:443 |
| 2020-03-17 18:13:02 | c1fad167f7b52f68d2e97ba68657563a | n/a | 152.199.19.161:443 |
| 2020-03-17 15:54:58 | b7d1237cbe799d487ce9dd6d06043e6d | n/a | 152.199.19.161:443 |
| 2020-03-17 10:20:17 | b425ae6f7642b539b2e90a66bea103ed | 63 / 73 (86.30%)
| 152.199.19.161:443 |
| 2020-03-17 00:50:42 | df8a3c69fdb858acc31d3fed60e246c0 | 35 / 70 (50.00%)
| 52.78.17.162:443 |
| 2020-03-15 16:42:33 | c455b06d645f13724f54a87138125f83 | 63 / 73 (86.30%)
| 72.21.81.200:443 |
| 2020-03-15 06:30:43 | c5fdb8ee1e8c9a0bd1c577c7a686a8e4 | 56 / 70 (80.00%)
| 152.199.19.161:443 |
| 2020-03-15 03:31:34 | 8f6eb2ec5ba21c68608bc808b0eae932 | 57 / 72 (79.17%)
| 152.199.19.161:443 |
| 2020-03-14 00:14:47 | b6031f68081f81b5df6a1de841da053f | 47 / 73 (64.38%)
| 152.199.19.161:443 |
| 2020-03-13 22:37:15 | f5eaf9d9398898e5b661d170535f7ec2 | 17 / 71 (23.94%)
| 104.31.86.73:443 |
| 2020-03-13 22:37:15 | f5eaf9d9398898e5b661d170535f7ec2 | 17 / 71 (23.94%)
| 193.187.90.18:443 |
| 2020-03-13 18:01:51 | bd5b5a1be2b95dbfe702b6c483e2174a | 8 / 73 (10.96%)
| 152.199.19.161:443 |
| 2020-03-13 17:29:45 | aef8f331f04301a5a03d300cbc7385b1 | 62 / 71 (87.32%)
| 152.199.19.161:443 |
| 2020-03-13 17:08:21 | 19bf4f3b2ed0ed503dfab67948dde078 | n/a | 152.199.19.161:443 |
| 2020-03-13 13:20:34 | 2b5fed7cbfeeeb4f923fa224178eac0e | 62 / 72 (86.11%)
| 152.199.19.161:443 |
| 2020-03-13 12:48:13 | 1dab281576253746b5dde5b0f003a540 | 52 / 70 (74.29%)
| 152.199.19.161:443 |
# of entries: 100 (max: 100)