JA3 Fingerprints

You can find further information about the JA3 fingerprint 7a29c223fb122ec64d10f0a159e07996, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:7a29c223fb122ec64d10f0a159e07996
First seen:2019-06-09 22:55:29 UTC
Last seen:2020-06-04 17:13:43 UTC
Status:Blacklisted
Malware samples:502
Destination IPs:35
Malware:Tofsee -
Listing date:2020-01-09 14:21:55

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2020-06-04 17:13:4389977105987000082f42424f45a64457Virustotal results 45 / 71 (63.38%) 31.13.72.36:443
2020-06-04 17:13:4389977105987000082f42424f45a64457Virustotal results 45 / 71 (63.38%) 31.13.64.21:443
2020-06-04 17:13:4389977105987000082f42424f45a64457Virustotal results 45 / 71 (63.38%) 31.13.72.8:443
2020-06-03 20:11:23444189ff62dbf1b86beed92fdfdb5d90Virustotal results 41 / 73 (56.16%) 31.13.72.8:443
2020-06-03 20:11:22444189ff62dbf1b86beed92fdfdb5d90Virustotal results 41 / 73 (56.16%) 31.13.72.36:443
2020-06-03 20:11:22444189ff62dbf1b86beed92fdfdb5d90Virustotal results 41 / 73 (56.16%) 157.240.194.18:443
2020-06-03 18:59:344076dfd3e8f7ce86e7c846928aa3661aVirustotal results 21 / 73 (28.77%) 31.13.72.36:443
2020-06-03 18:59:344076dfd3e8f7ce86e7c846928aa3661aVirustotal results 21 / 73 (28.77%) 157.240.194.18:443
2020-06-03 18:59:344076dfd3e8f7ce86e7c846928aa3661aVirustotal results 21 / 73 (28.77%) 193.135.136.212:443
2020-06-03 05:58:3423a03cd4232c3a51e0cd109b67f18855Virustotal results 34 / 73 (46.58%) 157.240.194.35:443
2020-06-03 05:58:3423a03cd4232c3a51e0cd109b67f18855Virustotal results 34 / 73 (46.58%) 31.13.72.8:443
2020-06-03 05:58:3323a03cd4232c3a51e0cd109b67f18855Virustotal results 34 / 73 (46.58%) 31.13.72.36:443
2020-06-03 05:58:3323a03cd4232c3a51e0cd109b67f18855Virustotal results 34 / 73 (46.58%) 157.240.17.15:443
2020-06-03 05:58:3323a03cd4232c3a51e0cd109b67f18855Virustotal results 34 / 73 (46.58%) 157.240.194.18:443
2020-06-02 23:05:370c076ef11a5eab18ba13181bbdd4f52fVirustotal results 38 / 73 (52.05%) 31.13.72.8:443
2020-06-02 23:05:340c076ef11a5eab18ba13181bbdd4f52fVirustotal results 38 / 73 (52.05%) 31.13.72.36:443
2020-06-02 23:05:340c076ef11a5eab18ba13181bbdd4f52fVirustotal results 38 / 73 (52.05%) 193.135.136.17:443
2020-06-01 21:04:23565a92e31f0939322a91e35be5c55961Virustotal results 32 / 73 (43.84%) 31.13.72.8:443
2020-06-01 21:04:22565a92e31f0939322a91e35be5c55961Virustotal results 32 / 73 (43.84%) 31.13.72.36:443
2020-06-01 21:04:22565a92e31f0939322a91e35be5c55961Virustotal results 32 / 73 (43.84%) 157.240.194.35:443
2020-06-01 21:04:22565a92e31f0939322a91e35be5c55961Virustotal results 32 / 73 (43.84%) 157.240.17.15:443
2020-06-01 08:23:00165ddff83c7394de9caa7e7199bb0030Virustotal results 56 / 73 (76.71%) 70.186.26.81:443
2020-06-01 08:23:00165ddff83c7394de9caa7e7199bb0030Virustotal results 56 / 73 (76.71%) 31.13.72.36:443
2020-06-01 08:22:59165ddff83c7394de9caa7e7199bb0030Virustotal results 56 / 73 (76.71%) 157.240.194.27:443
2020-06-01 08:22:59165ddff83c7394de9caa7e7199bb0030Virustotal results 56 / 73 (76.71%) 31.13.72.8:443
2020-06-01 08:22:59165ddff83c7394de9caa7e7199bb0030Virustotal results 56 / 73 (76.71%) 157.240.194.18:443
2020-06-01 07:07:380ef677668df589aa19e622d623139069Virustotal results 46 / 72 (63.89%) 31.13.72.8:443
2020-06-01 07:07:370ef677668df589aa19e622d623139069Virustotal results 46 / 72 (63.89%) 193.135.136.17:443
2020-06-01 07:07:370ef677668df589aa19e622d623139069Virustotal results 46 / 72 (63.89%) 31.13.72.36:443
2020-06-01 06:50:099004f899c8f2e342c9ef722ace6718a9Virustotal results 38 / 73 (52.05%) 31.13.72.8:443
2020-06-01 06:50:099004f899c8f2e342c9ef722ace6718a9Virustotal results 38 / 73 (52.05%) 157.240.194.35:443
2020-06-01 06:50:099004f899c8f2e342c9ef722ace6718a9Virustotal results 38 / 73 (52.05%) 157.240.201.15:443
2020-05-31 12:28:555ee07e9f53d82de0ba8eca75b4f12c11Virustotal results 40 / 73 (54.79%) 31.13.72.36:443
2020-05-31 12:28:555ee07e9f53d82de0ba8eca75b4f12c11Virustotal results 40 / 73 (54.79%) 157.240.194.35:443
2020-05-31 12:28:545ee07e9f53d82de0ba8eca75b4f12c11Virustotal results 40 / 73 (54.79%) 31.13.64.21:443
2020-05-31 12:28:545ee07e9f53d82de0ba8eca75b4f12c11Virustotal results 40 / 73 (54.79%) 31.13.72.8:443
2020-05-31 07:59:0043f4ec91f341bc01a16884a3e891fc67Virustotal results 50 / 73 (68.49%) 31.13.72.36:443
2020-05-31 07:59:0043f4ec91f341bc01a16884a3e891fc67Virustotal results 50 / 73 (68.49%) 157.240.17.15:443
2020-05-31 07:59:0043f4ec91f341bc01a16884a3e891fc67Virustotal results 50 / 73 (68.49%) 31.13.72.8:443
2020-05-30 15:45:00776e7db40bc3b50ae269d927c10e1f6dVirustotal results 56 / 73 (76.71%) 157.240.194.35:443
2020-05-30 15:44:59776e7db40bc3b50ae269d927c10e1f6dVirustotal results 56 / 73 (76.71%) 157.240.17.15:443
2020-05-30 15:44:59776e7db40bc3b50ae269d927c10e1f6dVirustotal results 56 / 73 (76.71%) 31.13.72.8:443
2020-05-30 12:03:0942171261efc6586d2fb11777f49ea3a3Virustotal results 56 / 72 (77.78%) 31.13.72.12:443
2020-05-30 12:03:0842171261efc6586d2fb11777f49ea3a3Virustotal results 56 / 72 (77.78%) 31.13.72.8:443
2020-05-30 12:03:0842171261efc6586d2fb11777f49ea3a3Virustotal results 56 / 72 (77.78%) 31.13.72.36:443
2020-05-29 23:39:023c43139fe11d77d4578ce7a103c2b270Virustotal results 39 / 73 (53.42%) 31.13.72.36:443
2020-05-29 23:39:013c43139fe11d77d4578ce7a103c2b270Virustotal results 39 / 73 (53.42%) 31.13.72.8:443
2020-05-29 23:39:013c43139fe11d77d4578ce7a103c2b270Virustotal results 39 / 73 (53.42%) 31.13.72.12:443
2020-05-29 20:30:400442765c8308662fc48d5158b8f63410Virustotal results 41 / 72 (56.94%) 157.240.17.15:443
2020-05-29 20:30:390442765c8308662fc48d5158b8f63410Virustotal results 41 / 72 (56.94%) 157.240.194.18:443
2020-05-29 20:30:390442765c8308662fc48d5158b8f63410Virustotal results 41 / 72 (56.94%) 157.240.194.35:443
2020-05-29 20:30:390442765c8308662fc48d5158b8f63410Virustotal results 41 / 72 (56.94%) 31.13.72.36:443
2020-05-29 20:30:390442765c8308662fc48d5158b8f63410Virustotal results 41 / 72 (56.94%) 31.13.72.8:443
2020-05-29 18:42:141818543d2a2006ae9b498cdec8d1417dVirustotal results 52 / 73 (71.23%) 157.240.194.18:443
2020-05-29 18:42:141818543d2a2006ae9b498cdec8d1417dVirustotal results 52 / 73 (71.23%) 31.13.64.21:443
2020-05-29 18:42:121818543d2a2006ae9b498cdec8d1417dVirustotal results 52 / 73 (71.23%) 31.13.72.8:443
2020-05-29 18:42:121818543d2a2006ae9b498cdec8d1417dVirustotal results 52 / 73 (71.23%) 31.13.72.36:443
2020-05-28 07:06:374dd41c1bbce7c0b3ddc1543120720dd2Virustotal results 44 / 72 (61.11%) 31.13.72.36:443
2020-05-28 07:06:364dd41c1bbce7c0b3ddc1543120720dd2Virustotal results 44 / 72 (61.11%) 31.13.72.8:443
2020-05-28 07:06:364dd41c1bbce7c0b3ddc1543120720dd2Virustotal results 44 / 72 (61.11%) 31.13.81.13:443
2020-05-28 05:00:44466ed58ba6a11b82128bfbf739374f90Virustotal results 41 / 72 (56.94%) 157.240.201.15:443
2020-05-28 05:00:43466ed58ba6a11b82128bfbf739374f90Virustotal results 41 / 72 (56.94%) 31.13.72.36:443
2020-05-28 05:00:43466ed58ba6a11b82128bfbf739374f90Virustotal results 41 / 72 (56.94%) 31.13.72.8:443
2020-05-28 05:00:42466ed58ba6a11b82128bfbf739374f90Virustotal results 41 / 72 (56.94%) 31.13.64.21:443
2020-05-27 20:42:4242dafbd1c80c1e365f9531b94251cc84Virustotal results 42 / 72 (58.33%) 31.13.72.12:443
2020-05-27 20:42:4142dafbd1c80c1e365f9531b94251cc84Virustotal results 42 / 72 (58.33%) 31.13.72.36:443
2020-05-27 20:42:4142dafbd1c80c1e365f9531b94251cc84Virustotal results 42 / 72 (58.33%) 31.13.72.8:443
2020-05-27 20:42:4142dafbd1c80c1e365f9531b94251cc84Virustotal results 42 / 72 (58.33%) 157.240.194.35:443
2020-05-26 18:24:081b365f6976e3682646d0aa9ed0b918d3Virustotal results 38 / 73 (52.05%) 31.13.64.21:443
2020-05-26 18:24:071b365f6976e3682646d0aa9ed0b918d3Virustotal results 38 / 73 (52.05%) 31.13.72.8:443
2020-05-26 18:24:071b365f6976e3682646d0aa9ed0b918d3Virustotal results 38 / 73 (52.05%) 31.13.72.36:443
2020-05-26 14:34:3411465a3ecfb8c42dd586f41c694afbeeVirustotal results 41 / 69 (59.42%) 31.13.72.36:443
2020-05-26 14:34:3411465a3ecfb8c42dd586f41c694afbeeVirustotal results 41 / 69 (59.42%) 157.240.194.35:443
2020-05-26 14:34:3411465a3ecfb8c42dd586f41c694afbeeVirustotal results 41 / 69 (59.42%) 31.13.81.13:443
2020-05-26 14:34:3411465a3ecfb8c42dd586f41c694afbeeVirustotal results 41 / 69 (59.42%) 31.13.72.8:443
2020-05-26 06:03:4021406cd8d7f50dce0c636a40b34e873dVirustotal results 42 / 72 (58.33%) 185.60.216.35:443
2020-05-26 06:03:3921406cd8d7f50dce0c636a40b34e873dVirustotal results 42 / 72 (58.33%) 185.60.216.19:443
2020-05-26 06:03:3921406cd8d7f50dce0c636a40b34e873dVirustotal results 42 / 72 (58.33%) 31.13.92.10:443
2020-05-25 20:44:1403ae7c60c9afc5d8c7f78d66cde6c3cfVirustotal results 46 / 73 (63.01%) 31.13.72.8:443
2020-05-25 20:44:1303ae7c60c9afc5d8c7f78d66cde6c3cfVirustotal results 46 / 73 (63.01%) 157.240.194.18:443
2020-05-25 20:44:1303ae7c60c9afc5d8c7f78d66cde6c3cfVirustotal results 46 / 73 (63.01%) 31.13.72.36:443
2020-05-25 20:44:1303ae7c60c9afc5d8c7f78d66cde6c3cfVirustotal results 46 / 73 (63.01%) 157.240.194.35:443
2020-05-25 20:44:1203ae7c60c9afc5d8c7f78d66cde6c3cfVirustotal results 46 / 73 (63.01%) 157.240.201.15:443
2020-05-25 18:58:10186c95da68793cb3a44f0a0f2345058aVirustotal results 43 / 71 (60.56%) 31.13.72.12:443
2020-05-25 18:58:09186c95da68793cb3a44f0a0f2345058aVirustotal results 43 / 71 (60.56%) 31.13.72.36:443
2020-05-25 18:58:09186c95da68793cb3a44f0a0f2345058aVirustotal results 43 / 71 (60.56%) 31.13.81.13:443
2020-05-25 18:58:09186c95da68793cb3a44f0a0f2345058aVirustotal results 43 / 71 (60.56%) 31.13.72.8:443
2020-05-24 21:02:3845bcd8b2887e4c7c7f6c3594c98c9bdan/a157.240.17.15:443
2020-05-24 21:02:3845bcd8b2887e4c7c7f6c3594c98c9bdan/a31.13.72.8:443
2020-05-24 21:02:3845bcd8b2887e4c7c7f6c3594c98c9bdan/a31.13.72.36:443
2020-05-24 18:55:031cb223de444038fa669ef0b482f99491Virustotal results 44 / 70 (62.86%) 70.186.26.82:443
2020-05-24 18:55:031cb223de444038fa669ef0b482f99491Virustotal results 44 / 70 (62.86%) 70.186.26.81:443
2020-05-24 18:55:021cb223de444038fa669ef0b482f99491Virustotal results 44 / 70 (62.86%) 31.13.72.12:443
2020-05-24 17:30:3000a91a368c492df93bac8914098cafdaVirustotal results 55 / 72 (76.39%) 31.13.72.12:443
2020-05-24 17:30:3000a91a368c492df93bac8914098cafdaVirustotal results 55 / 72 (76.39%) 31.13.72.36:443
2020-05-24 17:30:2900a91a368c492df93bac8914098cafdaVirustotal results 55 / 72 (76.39%) 31.13.72.8:443
2020-05-24 04:23:456e6cf071b8e0f2a2fcb41ace54e9b87cVirustotal results 42 / 72 (58.33%) 157.240.194.35:443
2020-05-24 04:23:446e6cf071b8e0f2a2fcb41ace54e9b87cVirustotal results 42 / 72 (58.33%) 157.240.201.15:443
2020-05-24 04:23:446e6cf071b8e0f2a2fcb41ace54e9b87cVirustotal results 42 / 72 (58.33%) 31.13.72.36:443
2020-05-24 04:23:436e6cf071b8e0f2a2fcb41ace54e9b87cVirustotal results 42 / 72 (58.33%) 31.13.72.8:443

# of entries: 100 (max: 100)