JA3 Fingerprints
You can find further information about the JA3 fingerprint b90bdbe961a648f0427db21aaa6ccb59, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | b90bdbe961a648f0427db21aaa6ccb59 |
|---|---|
| First seen: | 2018-03-11 10:37:43 UTC |
| Last seen: | 2020-05-29 23:39:01 UTC |
| Status: | Blacklisted |
| Malware samples: | 2'516 |
| Destination IPs: | 505 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-05-29 23:39:01 | 3c43139fe11d77d4578ce7a103c2b270 |  39 / 73 (53.42%)
| 172.217.20.68:443 |
| 2020-05-29 23:39:01 | 3c43139fe11d77d4578ce7a103c2b270 | 39 / 73 (53.42%)
| 172.217.20.68:443 |
| 2020-05-29 19:24:57 | 0727c17c50d6510ef9324241ad001439 | 34 / 73 (46.58%)
| 172.217.17.36:443 |
| 2020-05-29 19:24:57 | 0727c17c50d6510ef9324241ad001439 | 34 / 73 (46.58%)
| 172.217.17.36:443 |
| 2020-05-29 18:42:14 | 1818543d2a2006ae9b498cdec8d1417d | 52 / 73 (71.23%)
| 172.217.168.196:443 |
| 2020-05-29 18:42:14 | 1818543d2a2006ae9b498cdec8d1417d | 52 / 73 (71.23%)
| 172.217.168.196:443 |
| 2020-05-28 07:06:36 | 4dd41c1bbce7c0b3ddc1543120720dd2 | 44 / 72 (61.11%)
| 216.58.205.228:443 |
| 2020-05-28 07:06:36 | 4dd41c1bbce7c0b3ddc1543120720dd2 | 44 / 72 (61.11%)
| 216.58.205.228:443 |
| 2020-05-28 05:00:43 | 466ed58ba6a11b82128bfbf739374f90 | 41 / 72 (56.94%)
| 172.217.19.196:443 |
| 2020-05-28 05:00:43 | 466ed58ba6a11b82128bfbf739374f90 | 41 / 72 (56.94%)
| 172.217.19.196:443 |
| 2020-05-27 21:20:21 | 43825ee614393a8a18d2af57e3b2761f | 45 / 73 (61.64%)
| 172.217.17.100:443 |
| 2020-05-27 21:20:21 | 43825ee614393a8a18d2af57e3b2761f | 45 / 73 (61.64%)
| 172.217.17.100:443 |
| 2020-05-27 20:42:41 | 42dafbd1c80c1e365f9531b94251cc84 | 42 / 72 (58.33%)
| 172.217.17.68:443 |
| 2020-05-27 20:42:41 | 42dafbd1c80c1e365f9531b94251cc84 | 42 / 72 (58.33%)
| 172.217.17.68:443 |
| 2020-05-25 18:58:09 | 186c95da68793cb3a44f0a0f2345058a | 43 / 71 (60.56%)
| 216.58.205.228:443 |
| 2020-05-25 18:58:09 | 186c95da68793cb3a44f0a0f2345058a | 43 / 71 (60.56%)
| 216.58.205.228:443 |
| 2020-05-24 05:29:38 | 70ac5436a28b279426146bb4e6903343 | 49 / 73 (67.12%)
| 172.217.17.36:443 |
| 2020-05-24 05:29:38 | 70ac5436a28b279426146bb4e6903343 | 49 / 73 (67.12%)
| 172.217.17.36:443 |
| 2020-05-24 04:23:43 | 6e6cf071b8e0f2a2fcb41ace54e9b87c | 42 / 72 (58.33%)
| 172.217.19.196:443 |
| 2020-05-24 04:23:43 | 6e6cf071b8e0f2a2fcb41ace54e9b87c | 42 / 72 (58.33%)
| 172.217.19.196:443 |
| 2020-05-23 22:22:32 | 6139c2025a852ba46625728ebe0043ff | 37 / 72 (51.39%)
| 172.217.17.36:443 |
| 2020-05-23 22:22:32 | 6139c2025a852ba46625728ebe0043ff | 37 / 72 (51.39%)
| 172.217.17.36:443 |
| 2020-05-23 21:11:28 | 5f115873fb6b326995fc21f752c4dd9d | 40 / 72 (55.56%)
| 172.217.17.68:443 |
| 2020-05-23 21:11:28 | 5f115873fb6b326995fc21f752c4dd9d | 40 / 72 (55.56%)
| 172.217.17.68:443 |
| 2020-05-23 18:43:16 | 5a1a11888f0f0931090d60e4f649f519 | 50 / 72 (69.44%)
| 216.58.205.228:443 |
| 2020-05-23 18:43:16 | 5a1a11888f0f0931090d60e4f649f519 | 50 / 72 (69.44%)
| 216.58.205.228:443 |
| 2020-05-23 18:43:15 | 5a1a11888f0f0931090d60e4f649f519 | 50 / 72 (69.44%)
| 172.217.22.4:443 |
| 2020-05-23 18:43:15 | 5a1a11888f0f0931090d60e4f649f519 | 50 / 72 (69.44%)
| 172.217.22.4:443 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 172.217.17.67:443 |
| 2020-04-16 05:21:30 | bbf841eb7a5a1be33296989686e29e94 | 49 / 73 (67.12%)
| 172.217.17.67:443 |
| 2020-04-14 19:38:37 | 18a79cf04e7726ac90e23d1133c66be0 | 57 / 73 (78.08%)
| 216.58.194.99:443 |
| 2020-04-14 19:38:37 | 18a79cf04e7726ac90e23d1133c66be0 | 57 / 73 (78.08%)
| 216.58.194.99:443 |
| 2020-04-11 03:47:20 | b52ef42e97e1645ed7bb15a72230bafa | 46 / 73 (63.01%)
| 172.217.20.67:443 |
| 2020-04-11 03:47:20 | b52ef42e97e1645ed7bb15a72230bafa | 46 / 73 (63.01%)
| 172.217.20.67:443 |
| 2020-04-11 00:26:48 | ad7af2a0453f66b89acbb4add75aa9aa | 46 / 73 (63.01%)
| 216.58.194.99:443 |
| 2020-04-11 00:26:48 | ad7af2a0453f66b89acbb4add75aa9aa | 46 / 73 (63.01%)
| 216.58.194.99:443 |
| 2020-04-10 23:01:27 | 0a42d7a3b6b2fc7affb3036442087be1 | n/a | 172.217.20.99:443 |
| 2020-04-10 23:01:27 | 0a42d7a3b6b2fc7affb3036442087be1 | n/a | 172.217.20.99:443 |
| 2020-04-08 23:56:12 | c4f9b2a0c97e963f0f7d3e7182433e5b | 48 / 70 (68.57%)
| 74.125.197.94:443 |
| 2020-04-08 23:56:12 | c4f9b2a0c97e963f0f7d3e7182433e5b | 48 / 70 (68.57%)
| 74.125.197.94:443 |
| 2020-04-08 14:40:47 | c192acaecb2d41271ad0e3022f808bb5 | 49 / 71 (69.01%)
| 216.58.215.227:443 |
| 2020-04-08 14:40:47 | c192acaecb2d41271ad0e3022f808bb5 | 49 / 71 (69.01%)
| 216.58.215.227:443 |
| 2020-04-07 07:01:43 | 607e2b02159d06fe393ff53bf2fbedf4 | n/a | 172.217.168.3:443 |
| 2020-04-07 07:01:43 | 607e2b02159d06fe393ff53bf2fbedf4 | n/a | 172.217.168.3:443 |
| 2020-04-07 06:56:22 | bbdac39b84c46b1e5c700da12252a374 | 55 / 73 (75.34%)
| 172.217.168.3:443 |
| 2020-04-07 06:56:22 | bbdac39b84c46b1e5c700da12252a374 | 55 / 73 (75.34%)
| 172.217.168.3:443 |
| 2020-04-07 06:48:17 | e11b6d57502097f45b952267a27a4c9f | n/a | 216.58.215.227:443 |
| 2020-04-07 06:48:17 | e11b6d57502097f45b952267a27a4c9f | n/a | 216.58.215.227:443 |
| 2020-04-07 06:39:52 | ef96067164e6bcb33439b5f68a97ce04 | n/a | 172.217.17.67:443 |
| 2020-04-07 06:39:52 | ef96067164e6bcb33439b5f68a97ce04 | n/a | 172.217.17.67:443 |
| 2020-04-06 19:45:11 | be15f4d76fc5f03f95bbe4cc7d560d93 | 35 / 71 (49.30%)
| 172.217.20.99:443 |
| 2020-04-06 19:45:11 | be15f4d76fc5f03f95bbe4cc7d560d93 | 35 / 71 (49.30%)
| 172.217.20.99:443 |
| 2020-04-05 14:09:38 | ac65e5b71679b7d3c447fb6e3fbaffa3 | 47 / 71 (66.20%)
| 172.217.20.99:443 |
| 2020-04-05 14:09:38 | ac65e5b71679b7d3c447fb6e3fbaffa3 | 47 / 71 (66.20%)
| 172.217.20.99:443 |
| 2020-04-05 05:48:25 | b4356e66d34b310f0e007d80d7244081 | 40 / 71 (56.34%)
| 172.217.168.35:443 |
| 2020-04-05 05:48:25 | b4356e66d34b310f0e007d80d7244081 | 40 / 71 (56.34%)
| 172.217.168.35:443 |
| 2020-04-03 22:01:29 | 3f8474528ca3cb2887e4686ee403906e | n/a | 216.58.211.99:443 |
| 2020-04-03 22:01:29 | 3f8474528ca3cb2887e4686ee403906e | n/a | 216.58.211.99:443 |
| 2020-04-03 21:58:14 | e8f998416f538c17e33ed70233209c9f | n/a | 216.58.211.99:443 |
| 2020-04-03 21:58:14 | e8f998416f538c17e33ed70233209c9f | n/a | 216.58.211.99:443 |
| 2020-04-03 21:35:57 | 82f5cd83a5551a6548a368017f0b9d30 | n/a | 172.217.168.35:443 |
| 2020-04-03 21:35:57 | 82f5cd83a5551a6548a368017f0b9d30 | n/a | 172.217.168.35:443 |
| 2020-04-03 21:24:55 | 3dc79f9ef9b3020de8df734864f9648f | n/a | 216.58.215.227:443 |
| 2020-04-03 21:24:55 | 3dc79f9ef9b3020de8df734864f9648f | n/a | 216.58.215.227:443 |
| 2020-04-03 20:56:58 | 561dbf003d614b969e36ab742e679b8d | n/a | 172.217.20.99:443 |
| 2020-04-03 20:56:58 | 561dbf003d614b969e36ab742e679b8d | n/a | 172.217.20.99:443 |
| 2020-04-03 20:52:24 | 2817aacc9bda390c1da7aad6f67d7607 | n/a | 172.217.168.67:443 |
| 2020-04-03 20:52:24 | 2817aacc9bda390c1da7aad6f67d7607 | n/a | 172.217.168.67:443 |
| 2020-04-03 20:44:12 | 167cf3d8b4b92c1bfa34dd9ccc418b1a | n/a | 172.217.168.35:443 |
| 2020-04-03 20:44:12 | 167cf3d8b4b92c1bfa34dd9ccc418b1a | n/a | 172.217.168.35:443 |
| 2020-04-03 20:10:42 | e68922910cf7be7e80f6fb8e8497de9d | 56 / 73 (76.71%)
| 172.217.20.99:443 |
| 2020-04-03 20:10:42 | e68922910cf7be7e80f6fb8e8497de9d | 56 / 73 (76.71%)
| 172.217.20.99:443 |
| 2020-04-03 19:28:59 | 768a4e253da69ffa972dc1b0b9728993 | n/a | 216.58.215.227:443 |
| 2020-04-03 19:28:59 | 768a4e253da69ffa972dc1b0b9728993 | n/a | 216.58.215.227:443 |
| 2020-04-03 13:09:34 | c0dccfee2570886e6baf9fdcaca330fb | 54 / 72 (75.00%)
| 172.217.20.99:443 |
| 2020-04-03 13:09:34 | c0dccfee2570886e6baf9fdcaca330fb | 54 / 72 (75.00%)
| 172.217.20.99:443 |
| 2020-04-03 07:31:01 | 6b33274e91e72a4b716cfc807baedd14 | n/a | 172.217.168.67:443 |
| 2020-04-03 07:31:01 | 6b33274e91e72a4b716cfc807baedd14 | n/a | 172.217.168.67:443 |
| 2020-03-30 17:57:03 | f64607ff262614adf62afba9d81f651e | n/a | 216.58.215.227:443 |
| 2020-03-30 17:57:03 | f64607ff262614adf62afba9d81f651e | n/a | 216.58.215.227:443 |
| 2020-03-27 21:44:55 | 4082e3cd8aa4fa38ef8b0d819bea7125 | 53 / 73 (72.60%)
| 216.58.215.227:443 |
| 2020-03-27 21:44:55 | 4082e3cd8aa4fa38ef8b0d819bea7125 | 53 / 73 (72.60%)
| 216.58.215.227:443 |
| 2020-03-27 08:00:52 | cd0f9d101208331d0682a14607fb8935 | 55 / 73 (75.34%)
| 172.217.20.99:443 |
| 2020-03-27 08:00:52 | cd0f9d101208331d0682a14607fb8935 | 55 / 73 (75.34%)
| 172.217.20.99:443 |
| 2020-03-26 08:29:15 | e555fd4b024defbad63d013da50c592d | n/a | 216.58.215.227:443 |
| 2020-03-26 08:29:15 | e555fd4b024defbad63d013da50c592d | n/a | 216.58.215.227:443 |
| 2020-03-26 08:29:14 | e555fd4b024defbad63d013da50c592d | n/a | 216.58.215.228:443 |
| 2020-03-26 08:29:14 | e555fd4b024defbad63d013da50c592d | n/a | 216.58.215.228:443 |
| 2020-03-26 06:40:50 | ce5cc15fd1d4421d551f0d834807c8e2 | n/a | 172.217.20.99:443 |
| 2020-03-26 06:40:50 | ce5cc15fd1d4421d551f0d834807c8e2 | n/a | 172.217.20.99:443 |
| 2020-03-25 18:08:05 | 617757adfdd08f4de7bb1a7c763e1354 | n/a | 172.217.168.3:443 |
| 2020-03-25 18:08:05 | 617757adfdd08f4de7bb1a7c763e1354 | n/a | 172.217.168.3:443 |
| 2020-03-25 17:32:35 | cf92e6ae4e936cdf68aa927d4f5e5493 | n/a | 74.125.28.94:443 |
| 2020-03-25 17:32:35 | cf92e6ae4e936cdf68aa927d4f5e5493 | n/a | 74.125.28.94:443 |
| 2020-03-25 08:25:52 | e4927c69ab20efd10f8ad729a209001c | n/a | 172.217.168.35:443 |
| 2020-03-25 08:25:52 | e4927c69ab20efd10f8ad729a209001c | n/a | 172.217.168.35:443 |
| 2020-03-24 17:33:46 | 33eec12ec46b73bad66ed066f856d6b4 | n/a | 172.217.168.35:443 |
| 2020-03-24 17:33:46 | 33eec12ec46b73bad66ed066f856d6b4 | n/a | 172.217.168.35:443 |
| 2020-03-24 14:51:03 | 5cad9ffd2e579ae8d83e9275ceb8161f | 54 / 73 (73.97%)
| 172.217.168.67:443 |
| 2020-03-24 14:51:03 | 5cad9ffd2e579ae8d83e9275ceb8161f | 54 / 73 (73.97%)
| 172.217.168.67:443 |
# of entries: 100 (max: 100)