JA3 Fingerprints
You can find further information about the JA3 fingerprint c0220cd64849a629397a9cb68f78a0ea, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | c0220cd64849a629397a9cb68f78a0ea |
|---|---|
| First seen: | 2019-03-24 00:12:32 UTC |
| Last seen: | 2020-11-25 11:28:24 UTC |
| Status: | Blacklisted |
| Malware samples: | 831 |
| Destination IPs: | 228 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:28:36 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-11-25 11:28:24 | d8a7d3ff7ea2b1b68e059ed0cd32fa7e | n/a | 52.1.109.248:443 |
| 2020-11-25 11:28:24 | d8a7d3ff7ea2b1b68e059ed0cd32fa7e | n/a | 172.217.168.228:443 |
| 2020-11-25 11:04:03 | d7810f3c9c10fe1ca8597dc39d07be5e |  44 / 70 (62.86%)
| 23.211.5.61:443 |
| 2020-11-25 11:04:03 | d7810f3c9c10fe1ca8597dc39d07be5e | 44 / 70 (62.86%)
| 216.58.215.228:443 |
| 2020-11-25 11:04:03 | d7810f3c9c10fe1ca8597dc39d07be5e | 44 / 70 (62.86%)
| 172.217.168.68:443 |
| 2020-11-25 11:04:02 | d7810f3c9c10fe1ca8597dc39d07be5e | 44 / 70 (62.86%)
| 13.224.90.101:443 |
| 2020-11-25 09:53:39 | d3d17bada350a6851dbb257e5f91fc9e | 53 / 72 (73.61%)
| 172.217.17.68:443 |
| 2020-11-25 09:53:39 | d3d17bada350a6851dbb257e5f91fc9e | 53 / 72 (73.61%)
| 172.217.19.195:443 |
| 2020-11-25 08:54:53 | cb215e53347ca284c12f8852638b038e | 38 / 72 (52.78%)
| 65.9.85.10:443 |
| 2020-11-25 08:15:02 | c4fff4ce318bb96e866569d859f0e214 | n/a | 65.9.85.10:443 |
| 2020-11-25 08:15:02 | c4fff4ce318bb96e866569d859f0e214 | n/a | 176.32.103.205:443 |
| 2020-11-25 08:15:02 | c4fff4ce318bb96e866569d859f0e214 | n/a | 34.194.88.13:443 |
| 2020-11-25 07:56:55 | c253d024ab9b294eef99ee62a2fd1106 | 53 / 71 (74.65%)
| 99.84.239.83:443 |
| 2020-11-25 07:56:55 | c253d024ab9b294eef99ee62a2fd1106 | 53 / 71 (74.65%)
| 143.204.159.26:443 |
| 2020-11-25 07:56:55 | c253d024ab9b294eef99ee62a2fd1106 | 53 / 71 (74.65%)
| 13.225.148.15:443 |
| 2020-11-25 07:56:55 | c253d024ab9b294eef99ee62a2fd1106 | 53 / 71 (74.65%)
| 13.225.47.216:443 |
| 2020-11-25 06:58:32 | ba35fd09237bc3f4e3e4f7230d8fa324 | 50 / 72 (69.44%)
| 23.211.5.61:443 |
| 2020-11-25 06:58:32 | ba35fd09237bc3f4e3e4f7230d8fa324 | 50 / 72 (69.44%)
| 13.224.90.101:443 |
| 2020-11-25 04:48:16 | adc6ab4d348e821c872a152200aed855 | 51 / 72 (70.83%)
| 3.220.83.93:443 |
| 2020-11-25 04:48:16 | adc6ab4d348e821c872a152200aed855 | 51 / 72 (70.83%)
| 52.71.223.34:443 |
| 2020-11-25 04:48:15 | adc6ab4d348e821c872a152200aed855 | 51 / 72 (70.83%)
| 34.195.3.186:443 |
| 2020-11-25 04:48:15 | adc6ab4d348e821c872a152200aed855 | 51 / 72 (70.83%)
| 13.224.90.101:443 |
| 2020-11-25 04:48:15 | adc6ab4d348e821c872a152200aed855 | 51 / 72 (70.83%)
| 52.5.199.160:443 |
| 2020-11-25 04:42:26 | ad766f7e6fea4b9c3aca4db91af4607d | 55 / 71 (77.46%)
| 23.211.5.61:443 |
| 2020-11-25 04:42:24 | ad766f7e6fea4b9c3aca4db91af4607d | 55 / 71 (77.46%)
| 54.204.115.52:443 |
| 2020-11-25 04:42:24 | ad766f7e6fea4b9c3aca4db91af4607d | 55 / 71 (77.46%)
| 13.224.90.101:443 |
| 2020-11-25 04:13:33 | ac1d9584fea3c334a037d9225f03b120 | 55 / 72 (76.39%)
| 23.211.5.8:443 |
| 2020-11-25 04:13:33 | ac1d9584fea3c334a037d9225f03b120 | 55 / 72 (76.39%)
| 172.217.168.36:443 |
| 2020-11-25 04:13:33 | ac1d9584fea3c334a037d9225f03b120 | 55 / 72 (76.39%)
| 13.224.90.101:443 |
| 2020-11-25 04:13:33 | ac1d9584fea3c334a037d9225f03b120 | 55 / 72 (76.39%)
| 172.217.168.4:443 |
| 2020-11-25 03:39:34 | aacf7ed213945f1ffbd3c56954bf0110 | n/a | 35.173.166.200:443 |
| 2020-11-25 03:39:34 | aacf7ed213945f1ffbd3c56954bf0110 | n/a | 143.204.93.225:443 |
| 2020-11-25 03:39:34 | aacf7ed213945f1ffbd3c56954bf0110 | n/a | 3.232.148.177:443 |
| 2020-11-25 03:39:33 | aacf7ed213945f1ffbd3c56954bf0110 | n/a | 2.18.233.29:443 |
| 2020-11-25 03:26:22 | aa5541eede38a6c915ea40dc059a6030 | n/a | 23.211.5.61:443 |
| 2020-11-25 03:26:21 | aa5541eede38a6c915ea40dc059a6030 | n/a | 172.217.168.67:443 |
| 2020-11-25 00:27:24 | a57637d5857e23e4adfdcba19b0c1869 | 50 / 71 (70.42%)
| 13.226.236.158:443 |
| 2020-11-25 00:27:24 | a57637d5857e23e4adfdcba19b0c1869 | 50 / 71 (70.42%)
| 13.225.47.216:443 |
| 2020-11-25 00:02:28 | a2031e92d125c3fa5c7ec887efd83503 | 56 / 72 (77.78%)
| 13.224.90.101:443 |
| 2020-11-24 22:40:06 | 77327c988b00213f86643184f731bb80 | 47 / 72 (65.28%)
| 172.217.168.36:443 |
| 2020-11-24 22:40:06 | 77327c988b00213f86643184f731bb80 | 47 / 72 (65.28%)
| 3.212.83.203:443 |
| 2020-11-24 22:40:06 | 77327c988b00213f86643184f731bb80 | 47 / 72 (65.28%)
| 34.193.5.242:443 |
| 2020-11-24 22:40:05 | 77327c988b00213f86643184f731bb80 | 47 / 72 (65.28%)
| 23.211.5.61:443 |
| 2020-11-24 21:04:18 | 0f9d71c8d0b3c977f9741b257ed1a420 | n/a | 74.125.195.105:443 |
| 2020-11-24 21:04:18 | 0f9d71c8d0b3c977f9741b257ed1a420 | n/a | 13.226.255.145:443 |
| 2020-11-24 21:04:18 | 0f9d71c8d0b3c977f9741b257ed1a420 | n/a | 74.125.195.106:443 |
| 2020-11-24 21:04:17 | 0f9d71c8d0b3c977f9741b257ed1a420 | n/a | 104.75.142.182:443 |
| 2020-11-24 21:01:30 | 2100cc4a8465ec536c9a42dcb5ef3344 | 50 / 72 (69.44%)
| 13.224.90.101:443 |
| 2020-11-24 20:47:46 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 34.206.33.202:443 |
| 2020-11-24 20:47:45 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 172.217.17.68:443 |
| 2020-11-24 20:47:44 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 52.222.137.64:443 |
| 2020-11-24 20:47:43 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 52.3.71.143:443 |
| 2020-11-24 20:47:40 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 65.9.85.10:443 |
| 2020-11-24 18:36:39 | b19df136265d1379461ea7ba258458a0 | n/a | 176.32.98.166:443 |
| 2020-11-24 18:36:39 | b19df136265d1379461ea7ba258458a0 | n/a | 2.18.233.29:443 |
| 2020-11-24 18:36:39 | b19df136265d1379461ea7ba258458a0 | n/a | 52.0.37.128:443 |
| 2020-11-24 18:36:39 | b19df136265d1379461ea7ba258458a0 | n/a | 143.204.93.225:443 |
| 2020-11-24 17:56:14 | b0e3e0a3503766013658806597f291a6 | 49 / 71 (69.01%)
| 34.195.173.122:443 |
| 2020-11-24 17:56:14 | b0e3e0a3503766013658806597f291a6 | 49 / 71 (69.01%)
| 157.240.17.63:443 |
| 2020-11-24 17:56:14 | b0e3e0a3503766013658806597f291a6 | 49 / 71 (69.01%)
| 13.224.90.101:443 |
| 2020-11-22 02:49:11 | 989bf2f2dd14ae1f5eb8022b9ad822cb | 43 / 72 (59.72%)
| 23.72.96.17:443 |
| 2020-11-22 02:49:11 | 989bf2f2dd14ae1f5eb8022b9ad822cb | 43 / 72 (59.72%)
| 185.181.176.19:443 |
| 2020-11-21 02:00:10 | a14930ad11f80dd65f1a17a96f1a6214 | n/a | 185.181.176.19:443 |
| 2020-11-21 00:13:12 | 794c3cc8ecbd5e89352b9416e50c12fc | 48 / 70 (68.57%)
| 95.100.48.189:443 |
| 2020-11-20 13:20:53 | cb0d8fb8225da2ba6149f0fcb5a0aa7e | n/a | 184.25.217.115:443 |
| 2020-11-20 12:05:46 | ba1859750c281d7de2ef2ac6f2c0a3bb | n/a | 95.100.48.189:443 |
| 2020-11-20 05:36:24 | a5d3c849e173d35cb11d66bffd83af09 | 55 / 72 (76.39%)
| 184.25.217.115:443 |
| 2020-11-20 05:36:24 | a5d3c849e173d35cb11d66bffd83af09 | 55 / 72 (76.39%)
| 185.181.176.19:443 |
| 2020-11-20 05:36:24 | a5d3c849e173d35cb11d66bffd83af09 | 55 / 72 (76.39%)
| 104.111.227.59:443 |
| 2020-11-18 10:46:08 | b03d557b300cc309a17fc112fb340dfd | 46 / 71 (64.79%)
| 185.181.176.19:443 |
| 2020-11-14 06:35:50 | 794b1162316b2d201dd8c3699b66e967 | n/a | 13.224.90.101:443 |
| 2020-11-14 06:35:50 | 794b1162316b2d201dd8c3699b66e967 | n/a | 23.211.5.61:443 |
| 2020-11-13 17:37:05 | 61b4f8c99c90c8c2173299aac4b9f306 | n/a | 52.222.137.64:443 |
| 2020-11-13 15:55:05 | 0a330d8dcffec5c40cbce1cc0086a93a | n/a | 23.211.5.61:443 |
| 2020-11-13 15:49:44 | 30aa32d6df3953f1fd5c630deb1b3f35 | n/a | 23.67.137.78:443 |
| 2020-11-13 15:49:44 | 30aa32d6df3953f1fd5c630deb1b3f35 | n/a | 176.32.98.166:443 |
| 2020-11-13 15:49:44 | 30aa32d6df3953f1fd5c630deb1b3f35 | n/a | 143.204.93.225:443 |
| 2020-11-13 15:36:39 | 34d46644b3f66a809ab14f8020b5c279 | n/a | 52.222.137.64:443 |
| 2020-11-13 15:23:02 | 33cad99d88094a24ae8812e4456f1ab4 | n/a | 176.32.98.166:443 |
| 2020-11-13 15:23:02 | 33cad99d88094a24ae8812e4456f1ab4 | n/a | 52.222.137.64:443 |
| 2020-11-13 15:21:19 | 95e2a7923c02de413d910e8118206ed3 | n/a | 13.224.90.101:443 |
| 2020-11-13 15:21:19 | 95e2a7923c02de413d910e8118206ed3 | n/a | 23.211.5.61:443 |
| 2020-11-13 15:21:19 | 95e2a7923c02de413d910e8118206ed3 | n/a | 176.32.98.166:443 |
| 2020-11-13 14:59:50 | b5d63af3bb623f9fbf36c160fc562466 | 37 / 71 (52.11%)
| 23.37.56.24:443 |
| 2020-11-13 14:59:50 | b5d63af3bb623f9fbf36c160fc562466 | 37 / 71 (52.11%)
| 143.204.93.225:443 |
| 2020-11-13 13:57:34 | b47db81c1702ded6fc1f92a6b4ed01fe | n/a | 13.226.163.199:443 |
| 2020-11-13 13:57:34 | b47db81c1702ded6fc1f92a6b4ed01fe | n/a | 176.32.98.166:443 |
| 2020-11-13 04:57:17 | b0d11148683ccf7f7a9d404cc3af20c8 | 44 / 71 (61.97%)
| 13.224.90.101:443 |
| 2020-11-13 04:57:17 | b0d11148683ccf7f7a9d404cc3af20c8 | 44 / 71 (61.97%)
| 176.32.103.205:443 |
| 2020-11-13 04:36:34 | b040ae18565ee414592256994a371b31 | n/a | 23.211.5.61:443 |
| 2020-11-13 04:36:34 | b040ae18565ee414592256994a371b31 | n/a | 13.224.90.101:443 |
| 2020-11-13 04:34:06 | b0428b974d365565cac0812214158fd1 | 46 / 72 (63.89%)
| 23.62.133.214:443 |
| 2020-11-13 04:34:06 | b0428b974d365565cac0812214158fd1 | 46 / 72 (63.89%)
| 13.226.152.225:443 |
| 2020-11-13 04:34:06 | b0428b974d365565cac0812214158fd1 | 46 / 72 (63.89%)
| 52.222.137.64:443 |
| 2020-11-13 04:24:38 | aff9ab5bd7309235fdfc643d535f89da | 46 / 72 (63.89%)
| 13.224.90.101:443 |
| 2020-11-13 04:24:37 | aff9ab5bd7309235fdfc643d535f89da | 46 / 72 (63.89%)
| 23.211.5.61:443 |
| 2020-11-13 03:59:10 | aea6b58c89f52838ca02f0ec6bee0e81 | 43 / 72 (59.72%)
| 52.222.137.64:443 |
| 2020-11-13 03:59:10 | aea6b58c89f52838ca02f0ec6bee0e81 | 43 / 72 (59.72%)
| 95.100.197.10:443 |
| 2020-11-13 02:49:51 | a6c96806e782c2d6033990f64054b78e | n/a | 13.35.97.87:443 |
| 2020-11-13 02:49:51 | a6c96806e782c2d6033990f64054b78e | n/a | 104.75.142.182:443 |
# of entries: 100 (max: 100)