JA3 Fingerprints

You can find further information about the JA3 fingerprint 8f6c918dcb585ebbea05e2cc94530e3d, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry

JA3 Fingerprint:	8f6c918dcb585ebbea05e2cc94530e3d
First seen:	2018-11-16 13:26:41 UTC
Last seen:	2020-05-06 15:45:21 UTC
Status:	Blacklisted
Malware samples:	10
Destination IPs:	6
Malware:	Tofsee
Listing date:	2018-11-19 11:33:52

Malware Samples

The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Botnet C&C (IP:port)
2023-02-26 14:15:45	a761a9856210f0e96279d8e606404a7d	n/a	187.45.179.122:5100
2023-02-21 03:12:39	350094a5132e2d3403d32a852fe7eb5d	n/a	187.45.179.122:5100
2023-01-27 04:27:37	bad9c957cee0ee1b3e18e585baad8bee	24 / 67 (35.82%)	187.45.179.122:5100
2023-01-27 04:27:37	bad9c957cee0ee1b3e18e585baad8bee	24 / 67 (35.82%)	186.227.197.23:5100
2022-05-15 20:58:26	b01fc1eb13f7e68c4e8ef2dfd8742a9e	2 / 68 (2.94%)	187.45.179.122:5100
2022-03-15 19:25:52	b57b3aca415b99e64a8a685e42dec3fb	n/a	187.45.179.43:5100
2022-03-15 19:25:52	b57b3aca415b99e64a8a685e42dec3fb	n/a	187.45.179.122:5100
2021-12-29 19:30:18	38d6bbb91fcfc94b40e7c2bf5440c2dd	6 / 68 (8.82%)	187.45.179.122:5100
2020-05-06 15:45:21	e6460f94a45192ae56fa5b3fd756d751	n/a	187.45.179.122:5100
2020-05-06 15:45:21	e6460f94a45192ae56fa5b3fd756d751	n/a	187.45.179.122:5100
2018-12-07 04:17:01	5919f2f95678c9689bb2ab633f04eced	40/69 (57.97%)	54.194.185.124:443
2018-12-07 04:17:01	5919f2f95678c9689bb2ab633f04eced	40/69 (57.97%)	54.194.185.124:443
2018-11-18 19:19:34	bc95c3f699cea00f31cc288e669d9bd3	18/67 (26.87%)	78.136.38.139:443
2018-11-18 19:19:34	bc95c3f699cea00f31cc288e669d9bd3	18/67 (26.87%)	78.136.38.139:443
2018-11-16 13:26:41	0d0e3832ff519b3ce734f8f122debcf4	27/67 (40.30%)	162.13.248.112:443
2018-11-16 13:26:41	0d0e3832ff519b3ce734f8f122debcf4	27/67 (40.30%)	162.13.248.112:443

# of entries: 16 (max: 100)