JA3 Fingerprints
You can find further information about the JA3 fingerprint a61299f9b501adcf680b9275d79d4ac6, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | a61299f9b501adcf680b9275d79d4ac6 |
|---|---|
| First seen: | 2017-11-04 18:03:59 UTC |
| Last seen: | 2020-04-21 17:08:24 UTC |
| Status: | Blacklisted |
| Malware samples: | 50 |
| Destination IPs: | 27 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:51:05 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2023-10-10 14:23:35 | 0dbbf19f01263ab9d42f58e2590a2fbe | n/a | 23.64.236.252:443 |
| 2023-10-03 12:52:41 | fee05355f11b9b0eea6e57b881610c22 | n/a | 23.67.133.187:443 |
| 2023-10-03 10:00:13 | 3cff98b86001d360c40644c3d1bdd9a4 | n/a | 23.50.97.42:443 |
| 2023-07-23 14:19:52 | a181e92e808ca5aa0a45900e4a6120da | n/a | 104.81.130.161:443 |
| 2023-07-23 14:19:52 | a181e92e808ca5aa0a45900e4a6120da | n/a | 23.50.97.42:443 |
| 2023-04-10 12:51:33 | 834af2d95f666b612d5ca6e2a673bb7b |  57 / 69 (82.61%)
| 23.50.97.42:443 |
| 2023-01-31 17:08:56 | 22f1d176948b4253e800c54e1afe0cb7 | 52 / 70 (74.29%)
| 23.50.97.42:443 |
| 2023-01-31 17:05:49 | 0d8ff188e14d2d330dfee331bf1f30b4 | 53 / 70 (75.71%)
| 23.222.59.146:443 |
| 2022-08-22 19:12:40 | 884517a95550b03fc2ad295d5480e1bc | n/a | 87.240.185.131:443 |
| 2022-08-22 19:12:40 | 884517a95550b03fc2ad295d5480e1bc | n/a | 87.240.185.147:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 87.240.185.128:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 87.240.185.160:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 93.186.227.136:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 93.186.227.130:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 93.186.227.150:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 93.186.227.137:443 |
| 2022-08-22 19:12:39 | 884517a95550b03fc2ad295d5480e1bc | n/a | 87.240.169.10:443 |
| 2020-04-21 17:08:24 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 104.19.236.56:443 |
| 2020-04-21 17:08:24 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 104.19.236.56:443 |
| 2020-04-10 18:39:42 | c7777b9401bde070e12a26b763096273 | 42 / 72 (58.33%)
| 104.19.237.56:443 |
| 2020-04-10 18:39:42 | c7777b9401bde070e12a26b763096273 | 42 / 72 (58.33%)
| 104.19.237.56:443 |
| 2020-03-19 21:25:45 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 104.19.236.56:443 |
| 2020-03-19 21:25:45 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 104.19.236.56:443 |
| 2020-02-17 14:54:35 | 130c8bd24889b7cd12b0394b52e30a81 | 31 / 72 (43.06%)
| 104.19.237.56:443 |
| 2020-02-17 14:54:35 | 130c8bd24889b7cd12b0394b52e30a81 | 31 / 72 (43.06%)
| 104.19.237.56:443 |
| 2020-01-30 11:07:21 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 192.225.209.8:443 |
| 2020-01-30 11:07:21 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 192.225.209.8:443 |
| 2020-01-30 11:07:19 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 104.19.236.56:443 |
| 2020-01-30 11:07:19 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 104.19.236.56:443 |
| 2019-06-17 03:14:59 | 45446e5b8db08c94f3806321d05881f1 | 37/70 (52.86%)
| 104.20.164.27:443 |
| 2019-06-17 03:14:59 | 45446e5b8db08c94f3806321d05881f1 | 37/70 (52.86%)
| 104.20.165.27:443 |
| 2019-06-17 03:14:59 | 45446e5b8db08c94f3806321d05881f1 | 37/70 (52.86%)
| 104.20.164.27:443 |
| 2019-06-17 03:14:59 | 45446e5b8db08c94f3806321d05881f1 | 37/70 (52.86%)
| 104.20.165.27:443 |
| 2019-04-13 08:05:28 | 181fd33234b4ad0fe7ca009fee19dc9f | 6/66 (9.09%)
| 104.20.165.27:443 |
| 2019-04-13 08:05:28 | 181fd33234b4ad0fe7ca009fee19dc9f | 6/66 (9.09%)
| 104.20.165.27:443 |
| 2018-12-29 01:46:46 | b27e2573f4fcae368b9104f0912d3edf | 45/71 (63.38%)
| 193.252.242.25:443 |
| 2018-12-29 01:46:46 | b27e2573f4fcae368b9104f0912d3edf | 45/71 (63.38%)
| 193.252.242.25:443 |
| 2018-12-28 01:43:12 | 117f62878ac1929ddd9526463de87b72 | 43/71 (60.56%)
| 193.252.242.125:443 |
| 2018-12-28 01:43:12 | 117f62878ac1929ddd9526463de87b72 | 43/71 (60.56%)
| 193.252.242.125:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 193.252.242.125:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 193.252.242.125:443 |
| 2018-12-09 00:59:43 | 99baca5d78a6427843dba64a5fc0c083 | 39/71 (54.93%)
| 193.252.242.125:443 |
| 2018-12-09 00:59:43 | 99baca5d78a6427843dba64a5fc0c083 | 39/71 (54.93%)
| 193.252.242.125:443 |
| 2018-04-11 14:14:01 | bffc328157754eea97604bdd0b4ae3b5 | 45/68 (66.18%)
| 31.13.91.2:443 |
| 2018-04-11 14:14:01 | bffc328157754eea97604bdd0b4ae3b5 | 45/68 (66.18%)
| 31.13.91.2:443 |
| 2018-01-30 09:37:30 | 0644de0d042dffbf136867cd2b7a8650 | 14/66 (21.21%)
| 31.13.69.197:443 |
| 2018-01-30 09:37:30 | 0644de0d042dffbf136867cd2b7a8650 | 14/66 (21.21%)
| 31.13.69.197:443 |
| 2018-01-25 05:35:58 | e485a8828410ee65c7eeac8d2e212a9f | 46/66 (69.70%)
| 31.13.69.197:443 |
| 2018-01-25 05:35:58 | e485a8828410ee65c7eeac8d2e212a9f | 46/66 (69.70%)
| 31.13.69.197:443 |
| 2018-01-23 18:26:19 | f80df5133528d38f9385fd20b4963635 | 30/66 (45.45%)
| 31.13.69.197:443 |
| 2018-01-23 18:26:19 | f80df5133528d38f9385fd20b4963635 | 30/66 (45.45%)
| 31.13.69.197:443 |
| 2018-01-23 14:06:41 | aff40deb476fc3f227917c8eca81e925 | 12/66 (18.18%)
| 31.13.69.197:443 |
| 2018-01-23 14:06:41 | aff40deb476fc3f227917c8eca81e925 | 12/66 (18.18%)
| 31.13.69.197:443 |
| 2018-01-23 00:35:22 | 636650c7fe575b442b88aca1f00ff556 | 14/66 (21.21%)
| 31.13.69.197:443 |
| 2018-01-23 00:35:22 | 636650c7fe575b442b88aca1f00ff556 | 14/66 (21.21%)
| 31.13.69.197:443 |
| 2018-01-22 21:23:22 | 6e2f5d85b144deaf0cb8dc5827344c51 | 40/65 (61.54%)
| 31.13.69.197:443 |
| 2018-01-22 21:23:22 | 6e2f5d85b144deaf0cb8dc5827344c51 | 40/65 (61.54%)
| 31.13.69.197:443 |
| 2018-01-22 20:07:24 | 90bac151ec6e99a522f3cb57bd0362ee | 13/64 (20.31%)
| 31.13.69.197:443 |
| 2018-01-22 20:07:24 | 90bac151ec6e99a522f3cb57bd0362ee | 13/64 (20.31%)
| 31.13.69.197:443 |
| 2018-01-21 16:40:04 | f6130af4fdc13b1e452767ea9cc27080 | 16/66 (24.24%)
| 31.13.69.197:443 |
| 2018-01-21 16:40:04 | f6130af4fdc13b1e452767ea9cc27080 | 16/66 (24.24%)
| 31.13.69.197:443 |
| 2018-01-15 23:22:15 | e70dc7260416996a8b62ff3b6e0420f6 | 15/68 (22.06%)
| 31.13.69.197:443 |
| 2018-01-15 23:22:15 | e70dc7260416996a8b62ff3b6e0420f6 | 15/68 (22.06%)
| 31.13.69.197:443 |
| 2018-01-12 14:02:46 | 2e93fd814178e85ad8d182f0d3548d17 | 42/67 (62.69%)
| 31.13.69.197:443 |
| 2018-01-12 14:02:46 | 2e93fd814178e85ad8d182f0d3548d17 | 42/67 (62.69%)
| 31.13.69.197:443 |
| 2018-01-10 18:45:23 | ecf1106d0bbb455ba188e7a2c4cc1e1a | 14/68 (20.59%)
| 157.240.20.15:443 |
| 2018-01-10 18:45:23 | ecf1106d0bbb455ba188e7a2c4cc1e1a | 14/68 (20.59%)
| 157.240.20.15:443 |
| 2018-01-09 19:33:20 | b4288a36234bc83c7ee656a4d0283186 | 12/68 (17.65%)
| 157.240.20.15:443 |
| 2018-01-09 19:33:20 | b4288a36234bc83c7ee656a4d0283186 | 12/68 (17.65%)
| 157.240.20.15:443 |
| 2018-01-09 19:28:55 | b78bf95f011f531060c2d50ac5e2890e | 24/68 (35.29%)
| 157.240.20.15:443 |
| 2018-01-09 19:28:55 | b78bf95f011f531060c2d50ac5e2890e | 24/68 (35.29%)
| 157.240.20.15:443 |
| 2018-01-09 14:45:28 | 22c0ba07da7193eebb78803e3375b9c3 | 16/68 (23.53%)
| 157.240.20.15:443 |
| 2018-01-09 14:45:28 | 22c0ba07da7193eebb78803e3375b9c3 | 16/68 (23.53%)
| 157.240.20.15:443 |
| 2018-01-09 00:28:11 | e4215da6af48146018316783eab0696b | 21/67 (31.34%)
| 157.240.20.15:443 |
| 2018-01-09 00:28:11 | e4215da6af48146018316783eab0696b | 21/67 (31.34%)
| 157.240.20.15:443 |
| 2018-01-08 16:04:16 | d7c44c4311738e8808b1ed2b6bac95fa | 32/68 (47.06%)
| 31.13.91.2:443 |
| 2018-01-08 16:04:16 | d7c44c4311738e8808b1ed2b6bac95fa | 32/68 (47.06%)
| 31.13.91.2:443 |
| 2018-01-08 08:26:41 | adb32e1be76138eae4a00af0f243ae45 | 27/68 (39.71%)
| 157.240.20.15:443 |
| 2018-01-08 08:26:41 | adb32e1be76138eae4a00af0f243ae45 | 27/68 (39.71%)
| 157.240.20.15:443 |
| 2018-01-08 08:18:49 | 9bf2de044b190dcb3c3594e3be76cbd3 | 25/68 (36.76%)
| 157.240.20.15:443 |
| 2018-01-08 08:18:49 | 9bf2de044b190dcb3c3594e3be76cbd3 | 25/68 (36.76%)
| 157.240.20.15:443 |
| 2018-01-08 05:35:34 | 5289604c9700565eb3f34b0fcc0dbb26 | 40/68 (58.82%)
| 157.240.20.15:443 |
| 2018-01-08 05:35:34 | 5289604c9700565eb3f34b0fcc0dbb26 | 40/68 (58.82%)
| 157.240.20.15:443 |
| 2018-01-08 01:52:13 | 16f372308299b5d3656614da10e3c86e | 14/68 (20.59%)
| 31.13.91.2:443 |
| 2018-01-08 01:52:13 | 16f372308299b5d3656614da10e3c86e | 14/68 (20.59%)
| 31.13.91.2:443 |
| 2018-01-07 23:58:09 | 8904a531afdae5e2259b09d462a89e47 | 28/65 (43.08%)
| 31.13.91.2:443 |
| 2018-01-07 23:58:09 | 8904a531afdae5e2259b09d462a89e47 | 28/65 (43.08%)
| 31.13.91.2:443 |
| 2018-01-07 23:42:12 | 9c5f8c719c3eb378567fc733685af84e | 41/67 (61.19%)
| 31.13.91.2:443 |
| 2018-01-07 23:42:12 | 9c5f8c719c3eb378567fc733685af84e | 41/67 (61.19%)
| 31.13.91.2:443 |
| 2018-01-07 18:03:43 | 7924edc1de31c09aed8bd2ebcae9d217 | 33/68 (48.53%)
| 31.13.91.2:443 |
| 2018-01-07 18:03:43 | 7924edc1de31c09aed8bd2ebcae9d217 | 33/68 (48.53%)
| 31.13.91.2:443 |
| 2018-01-07 11:47:54 | a709c1c3c63290398dfa813d47847448 | 46/68 (67.65%)
| 31.13.91.2:443 |
| 2018-01-07 11:47:54 | a709c1c3c63290398dfa813d47847448 | 46/68 (67.65%)
| 31.13.91.2:443 |
| 2018-01-04 06:02:04 | 2ef262f34ba89932cf10a106f1f461fd | 46/67 (68.66%)
| 31.13.91.2:443 |
| 2018-01-04 06:02:04 | 2ef262f34ba89932cf10a106f1f461fd | 46/67 (68.66%)
| 31.13.91.2:443 |
| 2018-01-04 02:08:12 | 0c04748bb3aa40b0ff686eda3c7e008d | 38/68 (55.88%)
| 31.13.69.197:443 |
| 2018-01-04 02:08:12 | 0c04748bb3aa40b0ff686eda3c7e008d | 38/68 (55.88%)
| 31.13.69.197:443 |
| 2018-01-03 11:41:37 | 179152d355a7ff589910fffe30ca20da | 46/66 (69.70%)
| 31.13.71.1:443 |
| 2018-01-03 11:41:37 | 179152d355a7ff589910fffe30ca20da | 46/66 (69.70%)
| 31.13.71.1:443 |
| 2017-12-31 12:24:07 | 191bc5404aa0afe394fdda4361aab28c | 31/68 (45.59%)
| 31.13.70.1:443 |
# of entries: 100 (max: 100)