JA3 Fingerprints
You can find further information about the JA3 fingerprint 96eba628dcb2b47607192ba74a3b55ba, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 96eba628dcb2b47607192ba74a3b55ba |
|---|---|
| First seen: | 2017-07-19 18:53:48 UTC |
| Last seen: | 2020-06-26 14:02:18 UTC |
| Status: | Blacklisted |
| Malware samples: | 1'354 |
| Destination IPs: | 172 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 11:49:02 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-06-26 14:02:18 | 9b63386086d02b5603c6b7256a6354b7 |  45 / 74 (60.81%)
| 104.18.100.40:443 |
| 2020-06-26 13:45:54 | 9ae23d5dc699b191a8474fee396f8c81 | 45 / 73 (61.64%)
| 104.18.101.40:443 |
| 2020-05-22 00:42:19 | 104c1c9ec207cc9769b7a2e808a403af | 19 / 73 (26.03%)
| 104.18.101.40:443 |
| 2020-05-03 10:26:32 | b181f81cd098e62dc89ab272eca62189 | 25 / 72 (34.72%)
| 2.21.37.119:443 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 62.254.26.221:465 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 193.239.68.85:465 |
| 2020-04-16 05:21:29 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 213.197.24.128:587 |
| 2020-04-16 05:21:29 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 167.206.5.250:587 |
| 2020-04-15 23:29:22 | d621a78cf6343c38fa7356b7a2846ddd | 64 / 73 (87.67%)
| 109.123.210.15:465 |
| 2020-04-15 23:29:21 | d621a78cf6343c38fa7356b7a2846ddd | 64 / 73 (87.67%)
| 202.137.235.17:587 |
| 2020-04-08 19:07:43 | 64973f901d651b517042992215d0f9ef | 42 / 73 (57.53%)
| 23.211.5.207:443 |
| 2020-03-29 22:23:33 | f7d66bb0bb618da703f6fd87ef45ba9a | 64 / 73 (87.67%)
| 109.244.2.106:443 |
| 2020-03-29 22:23:33 | f7d66bb0bb618da703f6fd87ef45ba9a | 64 / 73 (87.67%)
| 14.152.76.126:443 |
| 2020-03-29 20:01:18 | 1022bf5a12187529ee99567cfbe7138b | 54 / 72 (75.00%)
| 195.206.40.175:587 |
| 2020-03-29 19:59:49 | 3fbdd253b9cf04880b507036cf4f7006 | n/a | 167.206.5.250:587 |
| 2020-03-29 19:43:11 | 642de6bd90909dbb88d92c52a5e74aa9 | n/a | 167.206.5.250:587 |
| 2020-03-29 19:27:43 | 83c6fa49c906279907c4d1a8096acd10 | n/a | 193.17.41.99:465 |
| 2020-03-29 19:26:39 | 8bf187ad55d69a0559f450da50d5d85c | n/a | 68.87.20.6:587 |
| 2020-03-29 19:14:45 | 6983ad9c106dc7b8052c63c52270266f | n/a | 206.152.134.66:587 |
| 2020-03-29 18:57:16 | d9c6d779a9957388ebd9810b36d67d07 | n/a | 213.46.255.69:465 |
| 2020-03-29 18:49:16 | e0622880c71489be90ad58ea1ef58d0f | n/a | 91.220.42.220:587 |
| 2020-03-29 18:37:34 | a2aa593758aeed77aafc88840d25af0c | n/a | 77.88.21.158:465 |
| 2020-03-29 18:37:33 | a2aa593758aeed77aafc88840d25af0c | n/a | 23.211.5.207:443 |
| 2020-03-28 08:13:18 | 7d0d77195b18f47e203629bbd0044018 | n/a | 52.97.133.162:587 |
| 2020-03-28 00:44:33 | 060d3c57ad3a89c6e600bb586cc814d0 | 19 / 65 (29.23%)
| 52.97.133.226:587 |
| 2020-03-27 08:06:45 | 99b6fc26f6a4f013ae61cc3102e3a392 | n/a | 52.97.232.194:587 |
| 2020-03-26 19:49:31 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.189.98:587 |
| 2020-03-26 19:49:28 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 40.101.80.18:587 |
| 2020-03-26 19:49:25 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.232.210:587 |
| 2020-03-26 14:05:43 | 7563c96137f187d0dd3277f2b2e9fd77 | n/a | 52.97.176.34:587 |
| 2020-03-26 13:57:59 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.165.146:587 |
| 2020-03-26 13:57:57 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.129.242:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 40.101.80.18:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.155.114:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.183.194:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.144.178:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.176.2:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.152.210:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.163.2:587 |
| 2020-03-26 04:15:13 | 6c70a4dd83753f4cb028bd19dd177d40 | 18 / 72 (25.00%)
| 52.97.186.18:587 |
| 2020-03-25 21:42:53 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 52.97.189.66:587 |
| 2020-03-25 21:42:49 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 40.101.12.66:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.98.16.226:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 40.101.137.50:587 |
| 2020-03-25 16:19:43 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.97.232.242:587 |
| 2020-03-25 14:18:49 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.18.18:587 |
| 2020-03-25 14:18:49 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.137.34:587 |
| 2020-03-25 14:18:48 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 52.97.144.2:587 |
| 2020-03-25 14:18:48 | c0d90be5de2fbba760a3ae94c4cdbf85 | 22 / 72 (30.56%)
| 40.101.137.98:587 |
| 2020-03-24 16:15:36 | a762b5e04a15393837dda914cebab4ed | n/a | 217.74.64.236:587 |
| 2020-03-24 15:03:49 | c09cd8de896d1a6d9615da2ed39698ea | 54 / 72 (75.00%)
| 93.17.128.122:465 |
| 2020-03-24 09:08:38 | 7667b6f0e8959af9483c55e5fdec1a5a | 55 / 73 (75.34%)
| 195.4.92.217:587 |
| 2020-03-24 09:08:38 | 7667b6f0e8959af9483c55e5fdec1a5a | 55 / 73 (75.34%)
| 91.220.42.240:587 |
| 2020-03-24 07:37:42 | a69baf43aa0d54ae533f68cd99c91b3c | 55 / 73 (75.34%)
| 185.39.146.19:465 |
| 2020-03-24 07:22:06 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 195.130.217.240:587 |
| 2020-03-24 07:22:05 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 162.241.78.24:465 |
| 2020-03-24 07:22:04 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 146.20.161.11:587 |
| 2020-03-24 07:22:04 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 93.17.128.164:465 |
| 2020-03-24 07:22:03 | fb5d99056bbec8b5c63a601e354fc338 | n/a | 68.87.20.6:587 |
| 2020-03-24 07:14:34 | f9838b48b76cd2e54b8a23f97eccd07f | n/a | 78.47.159.103:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 78.94.184.162:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 178.15.4.178:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 37.1.88.130:587 |
| 2020-03-24 04:36:17 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 78.94.184.162:465 |
| 2020-03-24 04:36:16 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 178.15.4.178:465 |
| 2020-03-24 04:36:16 | b485bc0512c504cb7bbbc7376718970e | 55 / 73 (75.34%)
| 46.234.112.83:465 |
| 2020-03-24 03:32:32 | 5d2e7ec8465be49b01d7a210edb6021f | 55 / 73 (75.34%)
| 64.29.151.235:465 |
| 2020-03-24 03:32:31 | 5d2e7ec8465be49b01d7a210edb6021f | 55 / 73 (75.34%)
| 62.149.157.160:465 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 103.6.198.201:587 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 91.198.36.83:465 |
| 2020-03-24 01:39:15 | b4f86261b0f670996e3565eb26f75d66 | n/a | 202.137.235.17:587 |
| 2020-03-24 01:39:13 | b4f86261b0f670996e3565eb26f75d66 | n/a | 37.139.86.87:587 |
| 2020-03-24 00:43:19 | 498712c2e86e43156e61b25b00ff4391 | n/a | 202.137.235.17:587 |
| 2020-03-24 00:43:18 | 498712c2e86e43156e61b25b00ff4391 | n/a | 85.13.140.184:465 |
| 2020-03-24 00:43:16 | 498712c2e86e43156e61b25b00ff4391 | n/a | 85.13.140.184:587 |
| 2020-03-23 22:48:40 | 8d2e93b7521a348c90a0e3b24c3863e5 | n/a | 64.136.44.44:465 |
| 2020-03-23 22:47:49 | de87b69bef15aedf7a3b9c9e0c4e269c | 55 / 73 (75.34%)
| 205.139.110.242:587 |
| 2020-03-23 03:25:17 | c88c9a759a75c75845ee562243a89fb1 | n/a | 195.78.66.50:465 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 69.10.169.34:587 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 69.10.169.34:465 |
| 2020-03-22 07:13:33 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 212.227.17.190:587 |
| 2020-03-22 07:13:31 | 7b16c7ab53f5ab79d73a22efbfec41db | n/a | 212.227.17.190:465 |
| 2020-03-22 07:01:23 | da89b5ed05a5819f578e88f14a98e17c | n/a | 88.79.227.253:587 |
| 2020-03-22 07:01:23 | da89b5ed05a5819f578e88f14a98e17c | n/a | 88.79.227.253:465 |
| 2020-03-21 20:40:08 | 589e063d6dff968d7f91908a8789ba24 | n/a | 160.92.124.65:465 |
| 2020-03-20 18:47:56 | c839e7df2dd538ad2021e6a37bbcf8c0 | 57 / 73 (78.08%)
| 207.211.30.107:587 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 77.88.21.158:465 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 150.70.226.147:465 |
| 2020-03-20 06:01:47 | a24cc39c2dfeecb0c5f4b015ca3a2741 | n/a | 217.69.139.160:465 |
| 2020-03-19 18:31:59 | 09e05ceb5a88f23167fbcd5c2eb275fe | n/a | 212.227.17.168:587 |
| 2020-03-19 03:37:34 | 1f20eca1556c0485144ab642d07a9c0f | 55 / 72 (76.39%)
| 211.152.42.24:465 |
| 2020-03-18 16:55:13 | 053954d663fb1affe65486cf59418ffd | n/a | 23.65.116.16:443 |
| 2020-03-18 03:16:53 | b15e6a487b49c90239046db3f2629340 | 51 / 70 (72.86%)
| 130.206.19.162:465 |
| 2020-03-07 19:04:47 | 249e052b738ab40f0e9a1f9723da6761 | 54 / 72 (75.00%)
| 5.62.42.125:443 |
| 2020-03-06 19:46:05 | 46c564d7bf821027725ac57fe9038526 | 34 / 72 (47.22%)
| 23.217.109.79:443 |
| 2020-03-06 19:46:04 | 46c564d7bf821027725ac57fe9038526 | 34 / 72 (47.22%)
| 46.255.138.38:443 |
| 2020-03-03 11:20:46 | 78f7575b066daea8d029386ef77fd66e | n/a | 104.18.90.31:443 |
| 2020-02-08 17:26:26 | 89c3792f6270ec19f49aa4ebe35ca283 | n/a | 109.71.161.200:443 |
| 2020-02-08 13:47:21 | 5b3b322cfddf0564ae3b2aad97e42d2a | n/a | 109.71.161.200:443 |
| 2020-02-08 13:30:57 | adf3894d910215fff25821358470bd86 | 49 / 72 (68.06%)
| 104.18.91.31:443 |
# of entries: 100 (max: 100)