JA3 Fingerprints
You can find further information about the JA3 fingerprint c0220cd64849a629397a9cb68f78a0ea, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | c0220cd64849a629397a9cb68f78a0ea |
|---|---|
| First seen: | 2019-03-24 00:12:32 UTC |
| Last seen: | 2021-07-31 00:26:06 UTC |
| Status: | Blacklisted |
| Malware samples: | 2'779 |
| Destination IPs: | 816 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:28:36 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2023-02-07 00:28:34 | ae9dc34b6a8ea00485a79cc48fc59662 |  22 / 70 (31.43%)
| 23.3.85.133:443 |
| 2023-02-06 12:48:00 | 08a4403e079a4f7fa39797970fa47fb7 | n/a | 13.224.103.189:443 |
| 2023-02-06 10:45:10 | a9d4046746dfbe7a71abbb18c7812f11 | n/a | 18.66.145.149:443 |
| 2023-01-24 05:00:21 | c6cc33caa155860c0cd62346d34d3faf | n/a | 13.224.93.221:443 |
| 2023-01-21 08:02:20 | 6875a39ee42a3efcdb2dcd5017473e50 | n/a | 18.164.175.199:443 |
| 2023-01-20 21:23:49 | b9153dacde167baf96a60e3a2d602d98 | 50 / 70 (71.43%)
| 23.211.5.50:443 |
| 2023-01-18 19:58:20 | 064e98568d01711372d2faa6482a4cf1 | 55 / 71 (77.46%)
| 104.85.5.189:443 |
| 2023-01-16 02:54:08 | 0ab08fa13cdd181b3ca348b4538fedb6 | 41 / 71 (57.75%)
| 13.224.102.17:443 |
| 2023-01-15 22:29:20 | 0c89a5c6fb07c84c0b57d9b113a47cab | 49 / 69 (71.01%)
| 23.211.5.61:443 |
| 2023-01-11 01:33:03 | a5c04a506c39e897428021470fef3a95 | 50 / 69 (72.46%)
| 13.224.102.17:443 |
| 2023-01-09 15:01:35 | 0249eef46cf79b776989b202b54c5b78 | n/a | 162.219.226.83:443 |
| 2023-01-08 00:41:07 | a27588fcda27df268e4d65c9550f7556 | n/a | 13.224.102.17:443 |
| 2023-01-07 14:24:13 | 3a9b5876d398cf28d7cb54f27b348be0 | n/a | 108.156.58.47:443 |
| 2023-01-06 21:08:59 | 315e8baa13a087385bb8a38ac5462d8b | 40 / 68 (58.82%)
| 64.233.184.206:8883 |
| 2023-01-06 01:03:18 | 07f7aebf76e29f1124d1a2dba86ab5ec | 52 / 71 (73.24%)
| 13.224.102.17:443 |
| 2022-12-26 00:16:53 | b5440068d83a951eaa4cbf40e8bc463d | n/a | 108.156.58.47:443 |
| 2022-12-22 12:01:04 | 356a495ab073688e2b6bfcbef83342ee | n/a | 104.85.6.101:443 |
| 2022-12-22 11:07:46 | 6b5006202b0ee235e321828c2ae1d3d6 | 29 / 72 (40.28%)
| 13.224.102.17:443 |
| 2022-12-09 14:25:58 | 03339fd607f0db638587bc716021ba71 | 0 / 70 (0.00%)
| 34.204.63.26:443 |
| 2022-12-09 14:25:58 | 03339fd607f0db638587bc716021ba71 | 0 / 70 (0.00%)
| 104.19.162.75:443 |
| 2022-11-07 02:47:15 | a86fbe00f12d1f2838b471fc02a9d4e0 | n/a | 23.211.5.50:443 |
| 2022-11-03 13:00:39 | 03267e7d68ed0b4b1a0f195112277af1 | 48 / 72 (66.67%)
| 13.224.93.221:443 |
| 2022-10-28 20:47:43 | a803edddc8573dac3d8eb99718a90d43 | n/a | 52.222.142.236:443 |
| 2022-10-28 17:03:56 | 6629900d2b3e94530c5788932c458f50 | n/a | 13.224.102.17:443 |
| 2022-10-28 17:03:55 | 6629900d2b3e94530c5788932c458f50 | n/a | 13.224.93.221:443 |
| 2022-10-28 17:03:55 | 6629900d2b3e94530c5788932c458f50 | n/a | 162.219.225.118:443 |
| 2022-10-28 16:42:26 | 47ecbf382dbfa5267a4f838646620fd4 | n/a | 65.9.86.187:443 |
| 2022-10-28 15:34:26 | 5fa10fd0e3d6470f158a68f2e3ebd812 | n/a | 13.224.102.17:443 |
| 2022-10-28 06:05:57 | 768ed2cfc2caf8c4b6d8d18ce7e4d908 | n/a | 13.224.102.17:443 |
| 2022-10-28 05:55:18 | 4ebc92ec935a33b183b036a28f0472e6 | 25 / 68 (36.76%)
| 52.222.142.236:443 |
| 2022-10-28 05:50:02 | bd4300bec75aea4594b63753347b7aa6 | n/a | 162.219.225.118:443 |
| 2022-10-28 05:39:06 | 621b519c3d70b7e14fa6723d72c544fe | n/a | 13.225.142.225:443 |
| 2022-10-28 05:38:34 | 5e0bf7b28bebe18defb564e7185829b5 | n/a | 18.66.129.19:443 |
| 2022-10-28 05:35:28 | 851097b23fdd0b2b1bc94ed5f7dc2a28 | n/a | 162.219.225.118:443 |
| 2022-10-27 01:37:20 | 887c8528c894d656a0926884fe546923 | n/a | 108.138.10.130:443 |
| 2022-10-24 13:35:17 | 3d09a350357016dd64bc7edde2c6147b | n/a | 18.65.34.171:443 |
| 2022-10-19 17:09:22 | 4b2544790ac2be87b97e29763bfb3ece | n/a | 162.219.225.118:443 |
| 2022-10-08 09:18:54 | 11017138709b247ca3981b964a280298 | 57 / 72 (79.17%)
| 13.224.100.34:443 |
| 2022-10-07 10:38:22 | 767e9b5e85ee09dae638a2773ccd1f01 | n/a | 13.224.100.34:443 |
| 2022-10-07 10:38:22 | 767e9b5e85ee09dae638a2773ccd1f01 | n/a | 13.224.102.80:443 |
| 2022-10-07 10:30:24 | 7324df6163d339227df369781196468a | n/a | 13.224.100.34:443 |
| 2022-09-30 15:47:56 | 52956747fe3d6f147bd8ff2c4c34b522 | n/a | 184.86.82.220:443 |
| 2022-09-19 03:20:17 | 5e06edba6327107cda11d6f491939ea7 | n/a | 23.204.249.185:443 |
| 2022-09-18 15:32:15 | 206313dea041cfd3538e5a8a9da6bcf0 | 55 / 71 (77.46%)
| 13.224.90.218:443 |
| 2022-09-18 15:32:14 | 206313dea041cfd3538e5a8a9da6bcf0 | 55 / 71 (77.46%)
| 162.219.225.118:443 |
| 2022-09-18 06:34:48 | 2b41f84453e275b0d8c4ebc6e39db931 | n/a | 23.204.249.185:443 |
| 2022-09-16 03:39:22 | 427a6c7cda506488df9602a9a3823e5c | n/a | 108.156.66.76:443 |
| 2022-09-16 03:39:22 | 427a6c7cda506488df9602a9a3823e5c | n/a | 65.9.72.157:443 |
| 2022-09-09 20:45:44 | e8e5d33d96f00e6766acc0850d660157 | n/a | 162.219.225.118:443 |
| 2022-09-09 20:45:43 | e8e5d33d96f00e6766acc0850d660157 | n/a | 13.224.90.218:443 |
| 2022-09-08 21:33:41 | 218c86df7ec87b0a85ed3d11934a5651 | n/a | 104.85.241.139:443 |
| 2022-09-08 01:06:13 | 87f73d8af02d0051ffcacb725c162a80 | n/a | 108.138.6.128:443 |
| 2022-09-07 13:50:43 | 113654f70a4df71e02a0aa88a22011ca | n/a | 18.66.128.229:443 |
| 2022-09-07 13:50:43 | 113654f70a4df71e02a0aa88a22011ca | n/a | 162.219.225.118:443 |
| 2022-09-06 17:16:56 | dab09f16630cdddf1371b70cea1f001f | n/a | 13.224.90.218:443 |
| 2022-09-06 15:36:43 | ce75e0cffe33dd04b6d98a1923ff5e2c | n/a | 65.9.72.157:443 |
| 2022-09-05 16:08:50 | 3fbae4ecd0c709ffd9285d96686a6217 | n/a | 54.230.234.29:443 |
| 2022-09-05 16:08:50 | 3fbae4ecd0c709ffd9285d96686a6217 | n/a | 108.156.66.76:443 |
| 2022-09-05 15:23:21 | 3da9cdcd769609e48de16d4791de5a11 | n/a | 162.219.225.118:443 |
| 2022-09-04 17:14:58 | 13b32559bde679c4244559eaf8143826 | 54 / 71 (76.06%)
| 162.219.225.118:443 |
| 2022-09-04 00:44:28 | 42e64bf3402abbf60f72f919808d5758 | n/a | 13.224.90.218:443 |
| 2022-09-04 00:44:28 | 42e64bf3402abbf60f72f919808d5758 | n/a | 23.211.5.61:443 |
| 2022-09-03 09:47:29 | 0791aab88ec1a4b550fedc306931c75e | n/a | 162.219.225.118:443 |
| 2022-09-03 09:47:28 | 0791aab88ec1a4b550fedc306931c75e | n/a | 65.9.72.157:443 |
| 2022-09-02 21:18:34 | 43b681331a5b66032d3cd23b7d5c5cb7 | 52 / 70 (74.29%)
| 162.219.225.118:443 |
| 2022-09-02 20:12:38 | 67fb794418018e3fd38074c6f614353e | n/a | 108.156.66.76:443 |
| 2022-09-02 20:12:38 | 67fb794418018e3fd38074c6f614353e | n/a | 65.9.72.157:443 |
| 2022-09-02 19:47:49 | 53d0f9ac7b4a11ae9fa02fefe469b028 | n/a | 13.224.90.218:443 |
| 2022-09-02 19:47:49 | 53d0f9ac7b4a11ae9fa02fefe469b028 | n/a | 162.219.225.118:443 |
| 2022-09-02 09:29:01 | 37349598ab32739844750832c3bf2e92 | n/a | 104.75.90.57:443 |
| 2022-09-02 09:29:01 | 37349598ab32739844750832c3bf2e92 | n/a | 162.219.225.118:443 |
| 2022-09-02 00:34:15 | 010f6b7b7a76ae25637947ca6c970626 | n/a | 54.230.234.29:443 |
| 2022-09-01 15:49:48 | 1a239a5526ffe5101eab22261f05c65a | 59 / 69 (85.51%)
| 162.219.224.22:443 |
| 2022-09-01 15:49:47 | 1a239a5526ffe5101eab22261f05c65a | 59 / 69 (85.51%)
| 13.224.95.154:443 |
| 2022-09-01 09:26:23 | cf537177cbd60000ddee135706f0ac56 | n/a | 13.224.90.218:443 |
| 2022-09-01 09:26:22 | cf537177cbd60000ddee135706f0ac56 | n/a | 23.211.5.61:443 |
| 2022-09-01 09:13:44 | ad97e5403853769f00d2671b0d60307a | n/a | 108.156.66.76:443 |
| 2022-09-01 08:52:23 | a4ba7dd4270e864dd04f5457a510c5d8 | n/a | 23.211.5.61:443 |
| 2022-09-01 07:43:07 | b1523317b91ff4736e10413fa5a2b0cd | n/a | 108.156.66.76:443 |
| 2022-09-01 06:30:26 | 9aaa4532f946b3163582cca9fc223991 | n/a | 13.224.90.218:443 |
| 2022-08-31 20:58:15 | 9e554dc575a60f22fef0856540505596 | n/a | 13.224.90.218:443 |
| 2022-08-31 20:58:15 | 9e554dc575a60f22fef0856540505596 | n/a | 184.86.82.222:443 |
| 2022-08-31 20:29:42 | 90f49ad09f87a1cc22b917f14a3c3689 | n/a | 162.219.225.118:443 |
| 2022-08-31 20:29:42 | 829c4a90a4470ffafe9a0420dcbabae9 | n/a | 162.219.225.118:443 |
| 2022-08-31 20:29:42 | 90f49ad09f87a1cc22b917f14a3c3689 | n/a | 13.225.150.186:443 |
| 2022-08-31 10:24:28 | 6da0ff01f36a92475173af7096b683cd | n/a | 65.9.72.157:443 |
| 2022-08-31 05:01:16 | 64564502d424df7126d6c1df24bbd302 | n/a | 184.86.82.222:443 |
| 2022-08-31 05:01:15 | 64564502d424df7126d6c1df24bbd302 | n/a | 13.224.90.218:443 |
| 2022-08-31 01:33:40 | 5ae045fb0d42a635e6641dc894598033 | n/a | 162.219.225.118:443 |
| 2022-08-31 01:25:40 | 5a5a1028fae02606f93c82032a01fdfc | n/a | 108.156.66.76:443 |
| 2022-08-31 01:25:40 | 5a5a1028fae02606f93c82032a01fdfc | n/a | 162.219.225.118:443 |
| 2022-08-30 19:02:03 | 19505468af28e32c987acd357abab8b9 | 28 / 69 (40.58%)
| 13.224.90.218:443 |
| 2022-08-30 14:49:12 | 0bf67e4e33b7d5d7073f9c4e2db34890 | 43 / 70 (61.43%)
| 13.225.150.186:443 |
| 2022-08-30 03:49:34 | 1b2bd8a2896450bb870b16d52014561e | 54 / 70 (77.14%)
| 13.224.90.218:443 |
| 2022-08-29 22:11:24 | 366f817bf003354c19c5f090ea48ffa8 | 49 / 71 (69.01%)
| 162.219.225.118:443 |
| 2022-08-29 22:11:24 | 366f817bf003354c19c5f090ea48ffa8 | 49 / 71 (69.01%)
| 13.224.90.218:443 |
| 2022-08-29 21:52:45 | 430a3ba86b08d0d0ead9fa7026a82396 | n/a | 13.224.90.218:443 |
| 2022-08-28 00:33:32 | 27bc82d8120e706626eee82dc6624060 | n/a | 13.224.90.218:443 |
| 2022-08-28 00:33:32 | 27bc82d8120e706626eee82dc6624060 | n/a | 23.211.5.61:443 |
| 2022-08-26 23:01:09 | 8defc530caecfd189931580dd2ae1998 | n/a | 108.156.66.76:443 |
# of entries: 100 (max: 100)