JA3 Fingerprints
You can find further information about the JA3 fingerprint 96eba628dcb2b47607192ba74a3b55ba, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 96eba628dcb2b47607192ba74a3b55ba |
|---|---|
| First seen: | 2017-07-19 18:53:48 UTC |
| Last seen: | 2020-03-28 08:13:18 UTC |
| Status: | Blacklisted |
| Malware samples: | 1'337 |
| Destination IPs: | 156 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 11:49:02 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-03-28 08:13:18 | 7d0d77195b18f47e203629bbd0044018 | n/a | 52.97.133.162:587 |
| 2020-03-28 00:44:33 | 060d3c57ad3a89c6e600bb586cc814d0 |  19 / 65 (29.23%)
| 52.97.133.226:587 |
| 2020-03-27 08:06:45 | 99b6fc26f6a4f013ae61cc3102e3a392 | n/a | 52.97.232.194:587 |
| 2020-03-26 19:49:31 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.189.98:587 |
| 2020-03-26 19:49:28 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 40.101.80.18:587 |
| 2020-03-26 19:49:25 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.232.210:587 |
| 2020-03-26 14:05:43 | 7563c96137f187d0dd3277f2b2e9fd77 | n/a | 52.97.176.34:587 |
| 2020-03-26 13:57:59 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.165.146:587 |
| 2020-03-26 13:57:57 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.129.242:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 40.101.80.18:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.155.114:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.183.194:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.144.178:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.176.2:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.152.210:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.163.2:587 |
| 2020-03-26 04:15:13 | 6c70a4dd83753f4cb028bd19dd177d40 | 18 / 72 (25.00%)
| 52.97.186.18:587 |
| 2020-03-25 21:42:53 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 52.97.189.66:587 |
| 2020-03-25 21:42:49 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 40.101.12.66:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.98.16.226:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 40.101.137.50:587 |
| 2020-03-25 16:19:43 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.97.232.242:587 |
| 2020-03-25 14:18:49 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.18.18:587 |
| 2020-03-25 14:18:49 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.137.34:587 |
| 2020-03-25 14:18:48 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 52.97.144.2:587 |
| 2020-03-25 14:18:48 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.137.98:587 |
| 2020-03-24 16:15:36 | a762b5e04a15393837dda914cebab4ed | n/a | 217.74.64.236:587 |
| 2020-03-24 15:03:49 | c09cd8de896d1a6d9615da2ed39698ea | 54 / 72 (75.00%)
| 93.17.128.122:465 |
| 2020-03-24 09:08:38 | 7667b6f0e8959af9483c55e5fdec1a5a | 55 / 73 (75.34%)
| 195.4.92.217:587 |
| 2020-03-24 09:08:38 | 7667b6f0e8959af9483c55e5fdec1a5a | 55 / 73 (75.34%)
| 91.220.42.240:587 |
| 2020-03-24 07:37:42 | a69baf43aa0d54ae533f68cd99c91b3c | 55 / 73 (75.34%)
| 185.39.146.19:465 |
| 2020-03-24 07:22:06 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 195.130.217.240:587 |
| 2020-03-24 07:22:05 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 162.241.78.24:465 |
| 2020-03-24 07:22:04 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 146.20.161.11:587 |
| 2020-03-24 07:22:04 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 93.17.128.164:465 |
| 2020-03-24 07:22:03 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 68.87.20.6:587 |
| 2020-03-24 07:14:34 | f9838b48b76cd2e54b8a23f97eccd07f | n/a | 78.47.159.103:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 78.94.184.162:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 178.15.4.178:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 37.1.88.130:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 78.94.184.162:465 |
| 2020-03-24 04:36:16 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 178.15.4.178:465 |
| 2020-03-24 04:36:16 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 46.234.112.83:465 |
| 2020-03-24 03:32:32 | 5d2e7ec8465be49b01d7a210edb6021f | 55 / 73 (75.34%)
| 64.29.151.235:465 |
| 2020-03-24 03:32:31 | 5d2e7ec8465be49b01d7a210edb6021f | 55 / 73 (75.34%)
| 62.149.157.160:465 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 103.6.198.201:587 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 91.198.36.83:465 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 202.137.235.17:587 |
| 2020-03-24 01:39:13 | b4f86261b0f670996e3565eb26f75d66 | n/a | 37.139.86.87:587 |
| 2020-03-24 00:43:19 | 498712c2e86e43156e61b25b00ff4391 | n/a | 202.137.235.17:587 |
| 2020-03-24 00:43:18 | 498712c2e86e43156e61b25b00ff4391 | n/a | 85.13.140.184:465 |
| 2020-03-24 00:43:16 | 498712c2e86e43156e61b25b00ff4391 | n/a | 85.13.140.184:587 |
| 2020-03-23 22:48:40 | 8d2e93b7521a348c90a0e3b24c3863e5 | n/a | 64.136.44.44:465 |
| 2020-03-23 22:47:49 | de87b69bef15aedf7a3b9c9e0c4e269c | 55 / 73 (75.34%)
| 205.139.110.242:587 |
| 2020-03-23 03:25:17 | c88c9a759a75c75845ee562243a89fb1 | n/a | 195.78.66.50:465 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 69.10.169.34:587 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 69.10.169.34:465 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 212.227.17.190:587 |
| 2020-03-22 07:13:31 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 212.227.17.190:465 |
| 2020-03-22 07:01:23 | da89b5ed05a5819f578e88f14a98e17c | n/a | 88.79.227.253:587 |
| 2020-03-22 07:01:23 | da89b5ed05a5819f578e88f14a98e17c | n/a | 88.79.227.253:465 |
| 2020-03-21 20:40:08 | 589e063d6dff968d7f91908a8789ba24 | n/a | 160.92.124.65:465 |
| 2020-03-20 18:47:56 | c839e7df2dd538ad2021e6a37bbcf8c0 | 57 / 73 (78.08%)
| 207.211.30.107:587 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 77.88.21.158:465 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 150.70.226.147:465 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 217.69.139.160:465 |
| 2020-03-19 18:31:59 | 09e05ceb5a88f23167fbcd5c2eb275fe | n/a | 212.227.17.168:587 |
| 2020-03-19 03:37:34 | 1f20eca1556c0485144ab642d07a9c0f | 55 / 72 (76.39%)
| 211.152.42.24:465 |
| 2020-03-18 16:55:13 | 053954d663fb1affe65486cf59418ffd | n/a | 23.65.116.16:443 |
| 2020-03-18 03:16:53 | b15e6a487b49c90239046db3f2629340 | 51 / 70 (72.86%)
| 130.206.19.162:465 |
| 2020-03-07 19:04:47 | 249e052b738ab40f0e9a1f9723da6761 | 54 / 72 (75.00%)
| 5.62.42.125:443 |
| 2020-03-06 19:46:05 | 46c564d7bf821027725ac57fe9038526 | 34 / 72 (47.22%)
| 23.217.109.79:443 |
| 2020-03-06 19:46:04 | 46c564d7bf821027725ac57fe9038526 | 34 / 72 (47.22%)
| 46.255.138.38:443 |
| 2020-03-03 11:20:46 | 78f7575b066daea8d029386ef77fd66e | n/a | 104.18.90.31:443 |
| 2020-02-08 17:26:26 | 89c3792f6270ec19f49aa4ebe35ca283 | n/a | 109.71.161.200:443 |
| 2020-02-08 13:47:21 | 5b3b322cfddf0564ae3b2aad97e42d2a | n/a | 109.71.161.200:443 |
| 2020-02-08 13:30:57 | adf3894d910215fff25821358470bd86 | 49 / 72 (68.06%)
| 104.18.91.31:443 |
| 2020-02-08 12:31:18 | bfc6241e6b4c9a69d3c5e6de6f34bb3a | 52 / 72 (72.22%)
| 109.71.161.200:443 |
| 2020-02-05 04:01:53 | ace76079ec40883e6b72ee202788c554 | 21 / 73 (28.77%)
| 104.18.90.31:443 |
| 2019-12-30 06:39:02 | 3f0d420de0b9ef2a628c6626acf14f68 | n/a | 104.18.90.31:443 |
| 2019-12-16 13:11:21 | af8a7832d3b51e6f4affe2131356278c | 52 / 72 (72.22%)
| 104.18.90.31:443 |
| 2019-12-09 04:15:03 | a2fb434588ebde780f4d56cd28b61c5a | 52 / 72 (72.22%)
| 104.18.90.31:443 |
| 2019-12-05 08:57:48 | 47b2201a5bd70bcb96151432dcf1a289 | n/a | 104.18.91.31:443 |
| 2019-12-05 01:27:41 | 38a1f66a9d2dea25e3fbb42ba9a8d7da | n/a | 104.18.90.31:443 |
| 2019-12-05 01:27:35 | 38a1f66a9d2dea25e3fbb42ba9a8d7da | n/a | 104.18.91.31:443 |
| 2019-12-04 13:03:33 | fff59129d507fe509247a1003f79cc15 | n/a | 104.18.90.31:443 |
| 2019-12-04 13:03:33 | fff59129d507fe509247a1003f79cc15 | n/a | 104.18.91.31:443 |
| 2019-12-03 10:49:32 | d1bc52aaf9e4410988ef68f1289028b9 | 25 / 70 (35.71%)
| 104.18.90.31:443 |
| 2019-11-21 07:00:34 | 4f62f297fdeb4f3fb32a81929ebdda11 | n/a | 104.18.91.31:443 |
| 2019-11-06 09:20:08 | 9501ebd1284fb771286514230965120f | n/a | 104.18.90.31:443 |
| 2019-11-06 08:38:02 | 3ef3cf7f4d3183d763312feddcecf745 | n/a | 104.18.91.31:443 |
| 2019-11-06 08:34:25 | 5c208dda395ef16244576bc7d2db012e | n/a | 104.18.90.31:443 |
| 2019-11-06 08:26:51 | 193e39d3190204c30a44ae1ebad48af3 | n/a | 104.18.90.31:443 |
| 2019-10-23 17:31:49 | faff0fc97f4f2501d3ad0161b47b7cfe | n/a | 104.18.91.31:443 |
| 2019-10-18 10:58:53 | cf5da654b44384d47095e7aa13dca2fe | n/a | 104.18.91.31:443 |
| 2019-10-18 10:58:52 | cf5da654b44384d47095e7aa13dca2fe | n/a | 104.18.90.31:443 |
| 2019-10-18 10:45:56 | b755e5b216abb65f35c0dae92023ca24 | n/a | 104.18.90.31:443 |
| 2019-10-18 10:30:46 | 2f5e53ea1ff16c8091040e60318d53de | n/a | 104.18.91.31:443 |
| 2019-09-28 02:56:35 | 7ec51583156f33d9f0c2b5eadb9b2c1e | n/a | 104.16.146.241:443 |
| 2019-08-19 20:20:03 | 52845c27b0cb7d20c3aee72f763abe84 | 32 / 70 (45.71%)
| 104.16.147.241:443 |
# of entries: 100 (max: 100)