JA3 Fingerprints
You can find further information about the JA3 fingerprint 96eba628dcb2b47607192ba74a3b55ba, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | 96eba628dcb2b47607192ba74a3b55ba |
|---|---|
| First seen: | 2017-07-19 18:53:48 UTC |
| Last seen: | 2020-11-13 17:37:05 UTC |
| Status: | Blacklisted |
| Malware samples: | 1'375 |
| Destination IPs: | 208 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 11:49:02 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-11-13 17:37:05 | 61b4f8c99c90c8c2173299aac4b9f306 | n/a | 107.161.178.2:465 |
| 2020-11-13 17:37:04 | 61b4f8c99c90c8c2173299aac4b9f306 | n/a | 107.161.178.2:587 |
| 2020-11-13 14:06:45 | b4c4e0f4ee5f26134644ed48da9f2f82 | n/a | 193.70.18.144:465 |
| 2020-11-13 14:06:45 | b4c4e0f4ee5f26134644ed48da9f2f82 | n/a | 193.70.18.144:587 |
| 2020-11-11 12:33:55 | a758d67f99944a1ab5e5237d842e7611 | n/a | 213.209.1.145:587 |
| 2020-11-10 19:05:49 | a6cbe29d4d7745d7d83895d460ef8396 |  42 / 71 (59.15%)
| 212.227.17.190:465 |
| 2020-10-22 11:59:14 | cfcd4edd2a5c3212a649c90e8c28108f | 38 / 69 (55.07%)
| 195.130.217.210:587 |
| 2020-10-22 11:59:14 | cfcd4edd2a5c3212a649c90e8c28108f | 38 / 69 (55.07%)
| 212.77.101.1:587 |
| 2020-10-22 11:59:13 | cfcd4edd2a5c3212a649c90e8c28108f | 38 / 69 (55.07%)
| 62.241.4.2:465 |
| 2020-10-22 11:59:13 | cfcd4edd2a5c3212a649c90e8c28108f | 38 / 69 (55.07%)
| 203.36.137.241:465 |
| 2020-10-22 11:58:09 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 82.215.18.88:465 |
| 2020-10-22 11:58:09 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 207.69.189.208:587 |
| 2020-10-22 11:58:09 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 107.6.16.19:587 |
| 2020-10-22 11:58:09 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 87.229.120.69:465 |
| 2020-10-22 11:58:09 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 208.84.244.140:587 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 62.254.26.221:465 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 194.105.232.72:587 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 107.6.16.19:465 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 207.251.194.25:465 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 200.147.35.206:587 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 34.102.136.180:465 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 212.54.42.9:587 |
| 2020-10-22 11:58:08 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 217.74.64.235:465 |
| 2020-10-22 11:58:07 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 59.157.128.15:587 |
| 2020-10-22 11:58:07 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 64.136.52.45:465 |
| 2020-10-22 11:58:07 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 195.3.96.71:587 |
| 2020-10-22 11:58:07 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 91.189.182.70:587 |
| 2020-10-22 11:58:07 | cd9dc6f9dc091d4923eacc1756b4894d | 52 / 67 (77.61%)
| 64.136.52.44:465 |
| 2020-10-22 11:44:24 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 64.136.52.44:465 |
| 2020-10-22 11:44:24 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 202.137.235.17:587 |
| 2020-10-22 11:44:24 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 62.24.139.43:587 |
| 2020-10-22 11:44:23 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 208.84.244.49:587 |
| 2020-10-22 11:44:22 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 195.3.96.71:587 |
| 2020-10-22 11:44:22 | c8aeb722eba7793a59dfacfcd088c615 | 44 / 70 (62.86%)
| 195.4.92.215:587 |
| 2020-10-19 15:23:40 | bffff24f8fc9e659be164759f9155e84 | n/a | 202.137.237.24:587 |
| 2020-10-19 15:23:40 | bffff24f8fc9e659be164759f9155e84 | n/a | 202.137.237.24:465 |
| 2020-10-15 19:50:30 | 6c8dfa80a8c8d03a3effcf406278f454 | n/a | 64.98.36.213:465 |
| 2020-10-15 19:50:29 | 6c8dfa80a8c8d03a3effcf406278f454 | n/a | 64.98.36.213:587 |
| 2020-10-15 19:36:28 | 646afd46ece4fc841fef363a33d7e604 | n/a | 69.90.160.140:587 |
| 2020-10-15 19:10:53 | 43d77e17c03611be32fa01324ce88e01 | n/a | 104.18.100.40:443 |
| 2020-10-15 18:43:31 | 1e82620a3663a7d00dea0a7155d5fe9a | n/a | 35.209.169.142:587 |
| 2020-10-15 18:43:31 | 1e82620a3663a7d00dea0a7155d5fe9a | n/a | 104.18.100.40:443 |
| 2020-10-15 18:43:31 | 1e82620a3663a7d00dea0a7155d5fe9a | n/a | 35.209.169.142:465 |
| 2020-10-14 21:38:06 | 6e690503e4350197c180081b22e9705b | 49 / 70 (70.00%)
| 143.95.252.192:587 |
| 2020-10-14 20:15:05 | 3af33f8eab0b4678b5270c2a151d7af5 | 54 / 71 (76.06%)
| 65.254.248.128:587 |
| 2020-10-08 10:09:18 | b66534551723e606ec1b5ea2bb951a45 | 42 / 70 (60.00%)
| 64.29.145.104:587 |
| 2020-10-07 14:12:11 | a9df76048a5789c5489bf5059fbd0649 | 56 / 70 (80.00%)
| 208.84.244.140:587 |
| 2020-10-07 14:12:11 | a9df76048a5789c5489bf5059fbd0649 | 56 / 70 (80.00%)
| 195.3.96.71:587 |
| 2020-10-03 02:48:49 | b2f392046684883429b752f6f975d978 | 40 / 71 (56.34%)
| 191.252.112.194:465 |
| 2020-10-03 02:48:49 | b2f392046684883429b752f6f975d978 | 40 / 71 (56.34%)
| 191.252.112.194:587 |
| 2020-09-28 05:46:34 | 9f426143bfc4922c4ec66aa7d39dd821 | n/a | 104.18.101.40:443 |
| 2020-08-26 17:25:01 | 1d32942e609d33a2601813a742cdd70a | 2 / 69 (2.90%)
| 14.152.76.124:443 |
| 2020-08-26 17:25:01 | 1d32942e609d33a2601813a742cdd70a | 2 / 69 (2.90%)
| 116.211.20.149:443 |
| 2020-08-11 09:50:33 | 1b571468a0598b904163c0e0a36ab28f | n/a | 104.18.100.40:443 |
| 2020-07-12 13:22:14 | aa05fcc00da94cafd415a8325b8bbe7e | 49 / 73 (67.12%)
| 104.18.100.40:443 |
| 2020-06-26 14:02:18 | 9b63386086d02b5603c6b7256a6354b7 | 45 / 74 (60.81%)
| 104.18.100.40:443 |
| 2020-06-26 13:45:54 | 9ae23d5dc699b191a8474fee396f8c81 | 45 / 73 (61.64%)
| 104.18.101.40:443 |
| 2020-05-22 00:42:19 | 104c1c9ec207cc9769b7a2e808a403af | 19 / 73 (26.03%)
| 104.18.101.40:443 |
| 2020-05-03 10:26:32 | b181f81cd098e62dc89ab272eca62189 | 25 / 72 (34.72%)
| 2.21.37.119:443 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 62.254.26.221:465 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 193.239.68.85:465 |
| 2020-04-16 05:21:29 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 213.197.24.128:587 |
| 2020-04-16 05:21:29 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 167.206.5.250:587 |
| 2020-04-15 23:29:22 | d621a78cf6343c38fa7356b7a2846ddd | 64 / 73 (87.67%)
| 109.123.210.15:465 |
| 2020-04-15 23:29:21 | d621a78cf6343c38fa7356b7a2846ddd | 64 / 73 (87.67%)
| 202.137.235.17:587 |
| 2020-04-08 19:07:43 | 64973f901d651b517042992215d0f9ef | 42 / 73 (57.53%)
| 23.211.5.207:443 |
| 2020-03-29 22:23:33 | f7d66bb0bb618da703f6fd87ef45ba9a | 64 / 73 (87.67%)
| 109.244.2.106:443 |
| 2020-03-29 22:23:33 | f7d66bb0bb618da703f6fd87ef45ba9a | 64 / 73 (87.67%)
| 14.152.76.126:443 |
| 2020-03-29 20:01:18 | 1022bf5a12187529ee99567cfbe7138b | 54 / 72 (75.00%)
| 195.206.40.175:587 |
| 2020-03-29 19:59:49 | 3fbdd253b9cf04880b507036cf4f7006 | n/a | 167.206.5.250:587 |
| 2020-03-29 19:43:11 | 642de6bd90909dbb88d92c52a5e74aa9 | n/a | 167.206.5.250:587 |
| 2020-03-29 19:27:43 | 83c6fa49c906279907c4d1a8096acd10 | n/a | 193.17.41.99:465 |
| 2020-03-29 19:26:39 | 8bf187ad55d69a0559f450da50d5d85c | n/a | 68.87.20.6:587 |
| 2020-03-29 19:14:45 | 6983ad9c106dc7b8052c63c52270266f | n/a | 206.152.134.66:587 |
| 2020-03-29 18:57:16 | d9c6d779a9957388ebd9810b36d67d07 | n/a | 213.46.255.69:465 |
| 2020-03-29 18:49:16 | e0622880c71489be90ad58ea1ef58d0f | n/a | 91.220.42.220:587 |
| 2020-03-29 18:37:34 | a2aa593758aeed77aafc88840d25af0c | n/a | 77.88.21.158:465 |
| 2020-03-29 18:37:33 | a2aa593758aeed77aafc88840d25af0c | n/a | 23.211.5.207:443 |
| 2020-03-28 08:13:18 | 7d0d77195b18f47e203629bbd0044018 | n/a | 52.97.133.162:587 |
| 2020-03-28 00:44:33 | 060d3c57ad3a89c6e600bb586cc814d0 | 19 / 65 (29.23%)
| 52.97.133.226:587 |
| 2020-03-27 08:06:45 | 99b6fc26f6a4f013ae61cc3102e3a392 | n/a | 52.97.232.194:587 |
| 2020-03-26 19:49:31 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.189.98:587 |
| 2020-03-26 19:49:28 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 40.101.80.18:587 |
| 2020-03-26 19:49:25 | cdf6c5b37844378a0f1dfd0fcb89cda1 | 33 / 72 (45.83%)
| 52.97.232.210:587 |
| 2020-03-26 14:05:43 | 7563c96137f187d0dd3277f2b2e9fd77 | n/a | 52.97.176.34:587 |
| 2020-03-26 13:57:59 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.165.146:587 |
| 2020-03-26 13:57:57 | d86b5aad90c5c2928fdff9718cb8ef24 | 21 / 71 (29.58%)
| 52.97.129.242:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 40.101.80.18:587 |
| 2020-03-26 12:27:22 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.155.114:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.183.194:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.144.178:587 |
| 2020-03-26 12:27:21 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.176.2:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.152.210:587 |
| 2020-03-26 12:27:19 | 5a372fae95b828405954a558e723fd26 | n/a | 52.97.163.2:587 |
| 2020-03-26 04:15:13 | 6c70a4dd83753f4cb028bd19dd177d40 | 18 / 72 (25.00%)
| 52.97.186.18:587 |
| 2020-03-25 21:42:53 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 52.97.189.66:587 |
| 2020-03-25 21:42:49 | a00af9729eff3c313db18914f9db4be4 | 23 / 73 (31.51%)
| 40.101.12.66:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.98.16.226:587 |
| 2020-03-25 16:19:48 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 40.101.137.50:587 |
| 2020-03-25 16:19:43 | 39b961c13850e7910d07c9d1993b47a7 | 20 / 72 (27.78%)
| 52.97.232.242:587 |
# of entries: 100 (max: 100)