JA3 Fingerprints
You can find further information about the JA3 fingerprint c0220cd64849a629397a9cb68f78a0ea, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | c0220cd64849a629397a9cb68f78a0ea |
|---|---|
| First seen: | 2019-03-24 00:12:32 UTC |
| Last seen: | 2020-05-30 05:21:32 UTC |
| Status: | Blacklisted |
| Malware samples: | 279 |
| Destination IPs: | 96 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:28:36 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-05-30 05:21:32 | 7a3f4ff5f17743604dbcbf9b0fa69626 |  24 / 73 (32.88%)
| 104.16.9.28:443 |
| 2020-05-30 05:21:30 | 7a3f4ff5f17743604dbcbf9b0fa69626 | 24 / 73 (32.88%)
| 35.167.134.89:443 |
| 2020-05-12 09:37:01 | 1884bd28c4990aa12f9e38416c30bd08 | n/a | 104.16.9.28:443 |
| 2020-05-10 07:04:26 | 2cbb35246e6605512d1822a768737b81 | 47 / 72 (65.28%)
| 172.217.168.196:443 |
| 2020-05-10 07:04:25 | 2cbb35246e6605512d1822a768737b81 | 47 / 72 (65.28%)
| 172.217.17.68:443 |
| 2020-05-10 00:05:54 | 1bff813f2f5b943dd3406d76f50d5719 | 34 / 73 (46.58%)
| 172.217.22.4:443 |
| 2020-05-10 00:05:53 | 1bff813f2f5b943dd3406d76f50d5719 | 34 / 73 (46.58%)
| 216.58.205.228:443 |
| 2020-05-09 21:53:35 | 18324db8521654ac4af49bcba5b40521 | n/a | 172.217.168.196:443 |
| 2020-04-25 00:40:08 | 979f34daa90f43a57a8460870ea116ce | 28 / 72 (38.89%)
| 13.227.216.77:443 |
| 2020-04-21 17:08:52 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 104.22.63.174:443 |
| 2020-04-21 17:08:41 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 104.20.80.155:443 |
| 2020-04-21 17:08:41 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 172.217.9.142:443 |
| 2020-04-21 17:08:29 | 125c8c1bfe684223c36f5258b7aadbf4 | 41 / 72 (56.94%)
| 13.226.251.76:443 |
| 2020-04-17 11:57:58 | 24e73f0a7e20914be81a030feafe06e4 | 17 / 72 (23.61%)
| 23.43.120.119:443 |
| 2020-03-26 11:35:56 | 999dc6eef21218ed7c3fbb3bbb920052 | 35 / 73 (47.95%)
| 172.217.168.238:443 |
| 2020-03-21 06:04:18 | a4bf21a69fb30c57ec8688cbd7e3cf89 | 54 / 73 (73.97%)
| 104.78.177.246:443 |
| 2020-03-21 06:04:18 | a4bf21a69fb30c57ec8688cbd7e3cf89 | 54 / 73 (73.97%)
| 104.78.177.63:443 |
| 2020-03-21 06:04:16 | a4bf21a69fb30c57ec8688cbd7e3cf89 | 54 / 73 (73.97%)
| 96.16.108.7:443 |
| 2020-03-19 21:25:47 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 151.101.114.49:443 |
| 2020-03-19 21:25:46 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 184.25.218.6:443 |
| 2020-03-19 21:25:46 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 104.22.62.174:443 |
| 2020-03-19 21:25:46 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 151.101.114.133:443 |
| 2020-03-19 21:25:45 | a990bfa906c958fd3e735278ef046e41 | 54 / 73 (73.97%)
| 2.16.181.146:443 |
| 2020-03-13 14:32:42 | 6d4e4e5a5f547bc0920e4b1bda9de34e | 58 / 72 (80.56%)
| 96.16.108.7:443 |
| 2020-03-13 14:32:41 | 6d4e4e5a5f547bc0920e4b1bda9de34e | 58 / 72 (80.56%)
| 104.78.177.246:443 |
| 2020-03-13 14:32:40 | 6d4e4e5a5f547bc0920e4b1bda9de34e | 58 / 72 (80.56%)
| 104.78.177.63:443 |
| 2020-03-07 19:04:48 | 249e052b738ab40f0e9a1f9723da6761 | 54 / 72 (75.00%)
| 23.227.38.64:443 |
| 2020-03-06 19:46:06 | 46c564d7bf821027725ac57fe9038526 | 34 / 72 (47.22%)
| 216.58.215.238:443 |
| 2020-03-04 09:52:39 | 7f500fd53344df1736b41e5a5b2f5827 | n/a | 92.122.200.67:443 |
| 2020-03-03 08:36:53 | c813b2ffcb21e12dd800f66c26845fce | 54 / 72 (75.00%)
| 23.57.80.6:443 |
| 2020-03-03 08:36:51 | c813b2ffcb21e12dd800f66c26845fce | 54 / 72 (75.00%)
| 104.80.21.166:443 |
| 2020-03-03 08:25:03 | 08c59260ed9afff63d6a2df67c0473dd | 54 / 72 (75.00%)
| 23.57.80.6:443 |
| 2020-03-03 08:25:03 | 08c59260ed9afff63d6a2df67c0473dd | 54 / 72 (75.00%)
| 104.80.21.166:443 |
| 2020-03-03 08:17:11 | cd7c4eb5bb984cc22b0c10426049a064 | n/a | 104.80.21.166:443 |
| 2020-03-03 07:53:06 | 7517c69dbcb8225720640f178d2ed421 | n/a | 23.57.80.6:443 |
| 2020-03-03 07:53:06 | 7517c69dbcb8225720640f178d2ed421 | n/a | 104.80.21.166:443 |
| 2020-02-29 04:03:00 | f4a8a9906a9e3b13855969b5d406b35d | n/a | 104.80.23.97:443 |
| 2020-02-27 22:20:36 | b968747be8f91b8951b8b96f9f181555 | n/a | 104.80.21.166:443 |
| 2020-02-27 22:20:36 | b968747be8f91b8951b8b96f9f181555 | n/a | 23.57.80.6:443 |
| 2020-02-26 14:12:10 | bb69ec7270f3535579b342b7514139f4 | n/a | 92.122.200.67:443 |
| 2020-02-24 15:02:09 | e914fb98bc6c4d1e6c9fddb335bfbd55 | n/a | 104.80.21.166:443 |
| 2020-02-24 12:12:05 | b937831b4c6a0183e64d23a85cf879de | 59 / 73 (80.82%)
| 104.80.21.166:443 |
| 2020-02-24 10:53:27 | a6bb0d10940b351b75f000676fa74a8b | n/a | 104.80.21.166:443 |
| 2020-02-24 10:53:27 | a6bb0d10940b351b75f000676fa74a8b | n/a | 104.80.23.97:443 |
| 2020-02-24 10:53:26 | a6bb0d10940b351b75f000676fa74a8b | n/a | 23.57.80.6:443 |
| 2020-02-23 14:13:25 | afd92d17232d25be248341370588ebea | n/a | 23.57.80.6:443 |
| 2020-02-23 07:45:54 | 32286ed8b4f02ea2288c05c534f07239 | n/a | 104.80.23.97:443 |
| 2020-02-23 07:45:54 | 32286ed8b4f02ea2288c05c534f07239 | n/a | 23.57.80.6:443 |
| 2020-02-22 20:51:00 | 6b7370b89086982cd572d62bf4af5348 | n/a | 96.16.108.7:443 |
| 2020-02-22 20:47:06 | fd11dda2b5163c08cdde56845e83be24 | n/a | 96.16.108.7:443 |
| 2020-02-22 20:36:19 | d7fbd8f5b20f242482993ba69c9a9d2d | n/a | 104.78.177.246:443 |
| 2020-02-22 20:29:50 | 444c5243fc4da6ac0ced7944f8710aa2 | n/a | 104.78.177.246:443 |
| 2020-02-22 20:29:49 | 444c5243fc4da6ac0ced7944f8710aa2 | n/a | 104.78.177.63:443 |
| 2020-02-22 20:29:49 | 444c5243fc4da6ac0ced7944f8710aa2 | n/a | 96.16.108.7:443 |
| 2020-02-20 15:15:59 | b4db3a17d42526854c6c0f1166e05c0e | n/a | 104.78.177.246:443 |
| 2020-02-20 12:21:11 | a74be7e3bee055570dbf3bdaca514f68 | n/a | 104.78.177.246:443 |
| 2020-02-20 11:57:22 | b05b26fca78ff0044d3679c709f56181 | n/a | 104.78.177.63:443 |
| 2020-02-20 09:07:57 | bc7e159bd32ae48b798b1956e6cbec36 | n/a | 92.122.150.68:443 |
| 2020-02-20 06:31:04 | 373246d064f42d4bc96a016174a88eac | n/a | 104.106.196.30:443 |
| 2020-02-20 06:25:07 | 8944e4b7a97d0f0eb1cd70e9adbe10fc | n/a | 92.122.150.68:443 |
| 2020-02-20 06:22:18 | 01ecf9355254dc8c0c1fad330298fc88 | n/a | 104.106.196.30:443 |
| 2020-02-20 06:12:58 | ea2e8ed5310836654a9980b3321ddaa2 | n/a | 104.106.196.30:443 |
| 2020-02-20 06:11:34 | 8fbfc57b871d810af65b320a9e0b2a66 | n/a | 104.106.196.30:443 |
| 2020-02-20 06:11:34 | 8fbfc57b871d810af65b320a9e0b2a66 | n/a | 92.122.150.68:443 |
| 2020-02-20 06:02:06 | ee755a06186f44f6980120ea196190ca | n/a | 92.122.150.68:443 |
| 2020-02-19 23:49:09 | aa2520df2b8def5d60b9bce325b2aba3 | n/a | 104.78.177.63:443 |
| 2020-02-19 16:52:54 | 40500ea8db567ea7c44e5489b1a25961 | n/a | 96.16.108.7:443 |
| 2020-02-19 16:52:54 | 40500ea8db567ea7c44e5489b1a25961 | n/a | 104.78.177.246:443 |
| 2020-02-19 09:33:58 | bb54d0dd72b6cf9d4cd4be7c5e5fdf01 | n/a | 96.16.108.7:443 |
| 2020-02-18 19:28:23 | c37ca5fe9f99386f6d498b2114bc3670 | n/a | 104.78.177.63:443 |
| 2020-02-18 19:28:23 | c37ca5fe9f99386f6d498b2114bc3670 | n/a | 104.78.177.246:443 |
| 2020-02-18 10:32:51 | 522780ebf61301eea85ba86de0d7e131 | n/a | 104.78.177.63:443 |
| 2020-02-18 10:25:24 | 0f89fc6f45048ad904b6a1c721e28019 | n/a | 104.78.177.63:443 |
| 2020-02-18 10:16:53 | 34cf2b9339709c87f3b88f3835e72375 | n/a | 96.16.108.7:443 |
| 2020-02-18 10:16:51 | 34cf2b9339709c87f3b88f3835e72375 | n/a | 104.78.177.63:443 |
| 2020-02-18 10:16:17 | feabcc4ec27833fb19d3dc546945884b | n/a | 104.78.177.63:443 |
| 2020-02-18 09:40:28 | e5c24f48a4ce4a4bc0f13b5ab243ec96 | n/a | 96.16.108.7:443 |
| 2020-02-18 09:36:14 | 7219855ad6ef3a36802fa494c7d76e14 | n/a | 104.78.177.63:443 |
| 2020-02-18 09:36:13 | 7219855ad6ef3a36802fa494c7d76e14 | n/a | 104.78.177.246:443 |
| 2020-02-18 09:36:13 | 7219855ad6ef3a36802fa494c7d76e14 | n/a | 96.16.108.7:443 |
| 2020-02-18 09:26:46 | 963672a7a271b334cbf2860607f5c115 | n/a | 104.78.177.246:443 |
| 2020-02-18 09:26:46 | 963672a7a271b334cbf2860607f5c115 | n/a | 96.16.108.7:443 |
| 2020-02-17 14:54:37 | 130c8bd24889b7cd12b0394b52e30a81 | 31 / 72 (43.06%)
| 104.109.250.133:443 |
| 2020-02-17 14:54:36 | 130c8bd24889b7cd12b0394b52e30a81 | 31 / 72 (43.06%)
| 104.18.27.108:443 |
| 2020-02-17 08:19:31 | b4f9df0b02d8094cacecba3afdbc5d31 | n/a | 104.78.177.63:443 |
| 2020-02-17 08:19:30 | b4f9df0b02d8094cacecba3afdbc5d31 | n/a | 96.16.108.7:443 |
| 2020-02-17 06:08:21 | b2dabd3cb7faae949bb8fecedf4946f4 | n/a | 96.16.108.7:443 |
| 2020-02-16 14:34:35 | 917338f134a2d0d3bc37b45127aba8e3 | n/a | 96.16.108.7:443 |
| 2020-02-16 14:34:35 | 917338f134a2d0d3bc37b45127aba8e3 | n/a | 104.78.177.246:443 |
| 2020-02-16 08:31:12 | d2c6f4852cece029ee071140cd7b05ce | n/a | 104.78.177.63:443 |
| 2020-02-16 06:44:53 | a88196443dea556a1e98b3e796e7662f | n/a | 104.78.177.246:443 |
| 2020-02-15 13:56:33 | 90a7d0d484f633e2a78fd18e05c42fa6 | n/a | 96.16.108.7:443 |
| 2020-02-15 11:26:25 | 1936b8b40e3921c996c4dbfa7310e460 | n/a | 96.16.108.7:443 |
| 2020-02-15 11:26:24 | 1936b8b40e3921c996c4dbfa7310e460 | n/a | 104.78.177.246:443 |
| 2020-02-07 09:50:27 | bdcf0b98628fbd22d5a9f9c16e449d78 | 37 / 71 (52.11%)
| 104.78.177.246:443 |
| 2020-02-04 22:04:58 | b35afd074427f4d202179d9118b323f5 | 24 / 72 (33.33%)
| 96.16.108.7:443 |
| 2020-01-30 14:08:07 | 9fba7fab4b09c77cd22e97b12e2a9538 | n/a | 104.80.23.97:443 |
| 2020-01-30 11:07:20 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 2.21.36.249:443 |
| 2020-01-30 11:07:20 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 172.217.20.99:443 |
| 2020-01-30 11:07:18 | ae3158f1242a91049332358fb32274e0 | 37 / 71 (52.11%)
| 172.217.168.206:443 |
# of entries: 100 (max: 100)