JA3 Fingerprints

You can find further information about the JA3 fingerprint bffa4501966196d3d6e90cee1f88fc89, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:bffa4501966196d3d6e90cee1f88fc89
First seen:2018-06-07 15:08:04 UTC
Last seen:2020-03-16 00:03:44 UTC
Status:Blacklisted
Malware samples:173
Destination IPs:28
Malware:Tofsee -
Listing date:2020-01-09 14:29:30

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2020-03-16 00:03:441c8e4241015b839da870436ee4f15795n/a162.210.102.230:21
2020-03-16 00:03:441c8e4241015b839da870436ee4f15795n/a162.210.102.230:2901
2020-03-16 00:03:441c8e4241015b839da870436ee4f15795n/a162.210.102.230:21
2020-03-16 00:03:441c8e4241015b839da870436ee4f15795n/a162.210.102.230:2901
2020-03-12 12:29:530d9f5420fd2781e1c123905bc68d8f5an/a217.69.139.90:993
2020-03-12 12:29:530d9f5420fd2781e1c123905bc68d8f5an/a217.69.139.90:993
2020-03-08 12:30:45046607bba932850fdd26867b61126208n/a94.100.180.90:993
2020-03-08 12:30:45046607bba932850fdd26867b61126208n/a94.100.180.90:993
2020-03-08 03:03:1927fa25d9b6af7689e195d39ab676f406n/a217.69.139.90:993
2020-03-08 03:03:1927fa25d9b6af7689e195d39ab676f406n/a94.100.180.90:993
2020-03-08 03:03:1927fa25d9b6af7689e195d39ab676f406n/a217.69.139.90:993
2020-03-08 03:03:1927fa25d9b6af7689e195d39ab676f406n/a94.100.180.90:993
2019-11-06 09:17:41130a8e075d127ed47f49ab3c97823ac9n/a217.69.139.90:993
2019-11-06 09:17:41130a8e075d127ed47f49ab3c97823ac9n/a217.69.139.90:993
2019-10-30 05:38:4070be66d0eaea71b16f11a0733b829020Virustotal results 43 / 71 (60.56%) 217.69.139.90:993
2019-10-30 05:38:4070be66d0eaea71b16f11a0733b829020Virustotal results 43 / 71 (60.56%) 217.69.139.90:993
2019-10-22 12:16:43702130462b0749531db1a6f0d959b212n/a217.69.139.90:993
2019-10-22 12:16:43702130462b0749531db1a6f0d959b212n/a217.69.139.90:993
2019-10-16 07:25:39ba90a250ae5d996e174c212470d28bbbVirustotal results 29/69 (42.03%) 94.100.180.90:993
2019-10-16 07:25:39ba90a250ae5d996e174c212470d28bbbVirustotal results 29/69 (42.03%) 94.100.180.90:993
2019-10-01 09:36:47f25186e3a79b468878a7debd365f51bdn/a217.69.139.90:993
2019-10-01 09:36:47f25186e3a79b468878a7debd365f51bdn/a217.69.139.90:993
2019-09-06 04:10:1278167d3435af8a9533e9f7e6b0dd0b71n/a94.100.180.90:993
2019-09-06 04:10:1278167d3435af8a9533e9f7e6b0dd0b71n/a94.100.180.90:993
2019-09-06 01:49:49778573b0d1e09856e30044d12dade408n/a217.69.139.90:993
2019-09-06 01:49:49778573b0d1e09856e30044d12dade408n/a217.69.139.90:993
2019-09-06 01:49:49778573b0d1e09856e30044d12dade408n/a94.100.180.90:993
2019-09-06 01:49:49778573b0d1e09856e30044d12dade408n/a94.100.180.90:993
2019-09-05 16:52:25e2d426bc0ff6e3e80723c42cef561d1fn/a94.100.180.90:993
2019-09-05 16:52:25e2d426bc0ff6e3e80723c42cef561d1fn/a94.100.180.90:993
2019-09-05 13:56:243650a48ec7c5dcb63047c60b8e3d0f83Virustotal results 40 / 71 (56.34%) 217.69.139.90:993
2019-09-05 13:56:243650a48ec7c5dcb63047c60b8e3d0f83Virustotal results 40 / 71 (56.34%) 217.69.139.90:993
2019-09-05 13:36:244073e676c0e60a452423a574c27c2cd0n/a217.69.139.90:993
2019-09-05 13:36:244073e676c0e60a452423a574c27c2cd0n/a217.69.139.90:993
2019-09-05 13:27:29ae643c0f0084eec630d9368043fb3407Virustotal results 54/71 (76.06%) 94.100.180.90:993
2019-09-05 13:27:29ae643c0f0084eec630d9368043fb3407Virustotal results 54/71 (76.06%) 94.100.180.90:993
2019-09-05 10:18:51724e89c270af7f1e5a1052c9bfc3f002n/a94.100.180.90:993
2019-09-05 10:18:51724e89c270af7f1e5a1052c9bfc3f002n/a94.100.180.90:993
2019-09-05 09:56:4671edb62981757165054fa172127239a7Virustotal results 52/68 (76.47%) 94.100.180.90:993
2019-09-05 09:56:4671edb62981757165054fa172127239a7Virustotal results 52/68 (76.47%) 94.100.180.90:993
2019-09-05 08:31:04e4f5fb14e20baeb987ce2d458690e72dn/a94.100.180.90:993
2019-09-05 08:31:04e4f5fb14e20baeb987ce2d458690e72dn/a217.69.139.90:993
2019-09-05 08:31:04e4f5fb14e20baeb987ce2d458690e72dn/a217.69.139.90:993
2019-09-05 08:31:04e4f5fb14e20baeb987ce2d458690e72dn/a94.100.180.90:993
2019-09-05 07:51:3411bcd4327258f52459afe5fa71aaadd4n/a94.100.180.90:993
2019-09-05 07:51:3411bcd4327258f52459afe5fa71aaadd4n/a94.100.180.90:993
2019-09-05 06:31:54fcb9e86957131bb0a4b3ace45e0c2bcfVirustotal results 48 / 71 (67.61%) 94.100.180.90:993
2019-09-05 06:31:54fcb9e86957131bb0a4b3ace45e0c2bcfVirustotal results 48 / 71 (67.61%) 94.100.180.90:993
2019-09-05 06:31:53fcb9e86957131bb0a4b3ace45e0c2bcfVirustotal results 48 / 71 (67.61%) 217.69.139.90:993
2019-09-05 06:31:53fcb9e86957131bb0a4b3ace45e0c2bcfVirustotal results 48 / 71 (67.61%) 217.69.139.90:993
2019-09-05 05:28:522f0d64993fdc08369f45dfe5a4254407Virustotal results 28 / 70 (40.00%) 94.100.180.90:993
2019-09-05 05:28:522f0d64993fdc08369f45dfe5a4254407Virustotal results 28 / 70 (40.00%) 217.69.139.90:993
2019-09-05 05:28:522f0d64993fdc08369f45dfe5a4254407Virustotal results 28 / 70 (40.00%) 94.100.180.90:993
2019-09-05 05:28:522f0d64993fdc08369f45dfe5a4254407Virustotal results 28 / 70 (40.00%) 217.69.139.90:993
2019-09-05 03:23:56d37b9c1dc74c4bebf4705e105475a856Virustotal results 50/70 (71.43%) 217.69.139.90:993
2019-09-05 03:23:56d37b9c1dc74c4bebf4705e105475a856Virustotal results 50/70 (71.43%) 217.69.139.90:993
2019-09-05 03:15:30d532ef6a2bba526ff618dc4efe628b7an/a94.100.180.90:993
2019-09-05 03:15:30d532ef6a2bba526ff618dc4efe628b7an/a94.100.180.90:993
2019-09-05 03:15:28d532ef6a2bba526ff618dc4efe628b7an/a217.69.139.90:993
2019-09-05 03:15:28d532ef6a2bba526ff618dc4efe628b7an/a217.69.139.90:993
2019-09-05 00:36:4376f8d06791f5119050e85ad404741275Virustotal results 38 / 71 (53.52%) 94.100.180.90:993
2019-09-05 00:36:4376f8d06791f5119050e85ad404741275Virustotal results 38 / 71 (53.52%) 94.100.180.90:993
2019-09-04 23:48:55b3fc25cfb8d243450fbd1deef8ff1a97n/a94.100.180.90:993
2019-09-04 23:48:55b3fc25cfb8d243450fbd1deef8ff1a97n/a94.100.180.90:993
2019-09-04 23:10:066412c36774052b8d2a954b4c3c7f796bVirustotal results 51 / 70 (72.86%) 217.69.139.90:993
2019-09-04 23:10:066412c36774052b8d2a954b4c3c7f796bVirustotal results 51 / 70 (72.86%) 217.69.139.90:993
2019-09-04 23:10:046412c36774052b8d2a954b4c3c7f796bVirustotal results 51 / 70 (72.86%) 94.100.180.90:993
2019-09-04 23:10:046412c36774052b8d2a954b4c3c7f796bVirustotal results 51 / 70 (72.86%) 94.100.180.90:993
2019-09-04 19:01:348780d82c810e42dd917aca598eb20017Virustotal results 46 / 66 (69.70%) 217.69.139.90:993
2019-09-04 19:01:348780d82c810e42dd917aca598eb20017Virustotal results 46 / 66 (69.70%) 217.69.139.90:993
2019-09-04 18:41:43e0f936b7cb5998e79ca1e3802c38ced8Virustotal results 52 / 71 (73.24%) 94.100.180.90:993
2019-09-04 18:41:43e0f936b7cb5998e79ca1e3802c38ced8Virustotal results 52 / 71 (73.24%) 94.100.180.90:993
2019-09-03 12:41:31be8a9af9f3bea0700928db10ee219547Virustotal results 48 / 71 (67.61%) 217.69.139.90:993
2019-09-03 12:41:31be8a9af9f3bea0700928db10ee219547Virustotal results 48 / 71 (67.61%) 217.69.139.90:993
2019-08-30 00:44:219ae5bd15c39630e475b0deeeae6fddffVirustotal results 21 / 70 (30.00%) 217.69.139.90:993
2019-08-30 00:44:219ae5bd15c39630e475b0deeeae6fddffVirustotal results 21 / 70 (30.00%) 217.69.139.90:993
2019-08-29 05:01:37ab9e24d3cff1fcc746c6dbee4de75c27Virustotal results 51/71 (71.83%) 217.69.139.90:993
2019-08-29 05:01:37ab9e24d3cff1fcc746c6dbee4de75c27Virustotal results 51/71 (71.83%) 217.69.139.90:993
2019-08-29 03:31:56cdff886327b19fe640322edaaf384700Virustotal results 36 / 70 (51.43%) 94.100.180.90:993
2019-08-29 03:31:56cdff886327b19fe640322edaaf384700Virustotal results 36 / 70 (51.43%) 94.100.180.90:993
2019-08-29 02:35:23a44c963eb658ce4179cc97cdb09ceb59Virustotal results 55/68 (80.88%) 217.69.139.90:993
2019-08-29 02:35:23a44c963eb658ce4179cc97cdb09ceb59Virustotal results 55/68 (80.88%) 94.100.180.90:993
2019-08-29 02:35:23a44c963eb658ce4179cc97cdb09ceb59Virustotal results 55/68 (80.88%) 94.100.180.90:993
2019-08-29 02:35:23a44c963eb658ce4179cc97cdb09ceb59Virustotal results 55/68 (80.88%) 217.69.139.90:993
2019-08-29 02:08:551af078d2d219b8175e2c62116f3c3375Virustotal results 55/69 (79.71%) 217.69.139.90:993
2019-08-29 02:08:551af078d2d219b8175e2c62116f3c3375Virustotal results 55/69 (79.71%) 217.69.139.90:993
2019-08-29 01:51:208330bac9adf4a7de1a59ff71c98be58en/a217.69.139.90:993
2019-08-29 01:51:208330bac9adf4a7de1a59ff71c98be58en/a217.69.139.90:993
2019-08-29 01:21:56bc0405123b850edc50491576ac6dff28Virustotal results 51/69 (73.91%) 217.69.139.90:993
2019-08-29 01:21:56bc0405123b850edc50491576ac6dff28Virustotal results 51/69 (73.91%) 217.69.139.90:993
2019-08-28 19:13:462f531fe9a573edbfa78e1a5fed44d704n/a94.100.180.90:993
2019-08-28 19:13:462f531fe9a573edbfa78e1a5fed44d704n/a217.69.139.90:993
2019-08-28 19:13:462f531fe9a573edbfa78e1a5fed44d704n/a94.100.180.90:993
2019-08-28 19:13:462f531fe9a573edbfa78e1a5fed44d704n/a217.69.139.90:993
2019-08-28 05:34:46e81a8bc00c4d17a16a640b6f605cdb11n/a94.100.180.90:993
2019-08-28 05:34:46e81a8bc00c4d17a16a640b6f605cdb11n/a94.100.180.90:993
2019-08-26 13:58:5604e6ac031a293afc201df37929cc3584Virustotal results 26 / 68 (38.24%) 94.100.180.90:993
2019-08-26 13:58:5604e6ac031a293afc201df37929cc3584Virustotal results 26 / 68 (38.24%) 94.100.180.90:993
2019-08-26 03:07:19279dfd72246eb32e414d0327c370151fn/a217.69.139.90:993
2019-08-26 03:07:19279dfd72246eb32e414d0327c370151fn/a217.69.139.90:993

# of entries: 100 (max: 100)