JA3 Fingerprints

You can find further information about the JA3 fingerprint 8f6c918dcb585ebbea05e2cc94530e3d, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:8f6c918dcb585ebbea05e2cc94530e3d
First seen:2018-11-16 13:26:41 UTC
Last seen:2018-12-07 04:17:01 UTC
Status:Blacklisted
Malware samples:3
Destination IPs:3
Malware:Tofsee -
Listing date:2018-11-19 11:33:52

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2018-12-07 04:17:015919f2f95678c9689bb2ab633f04ecedVirustotal results 40/69 (57.97%) 54.194.185.124:443
2018-11-18 19:19:34bc95c3f699cea00f31cc288e669d9bd3Virustotal results 18/67 (26.87%) 78.136.38.139:443
2018-11-16 13:26:410d0e3832ff519b3ce734f8f122debcf4Virustotal results 27/67 (40.30%) 162.13.248.112:443

# of entries: 3 (max: 100)