JA3 Fingerprints
You can find further information about the JA3 fingerprint c2b4710c6888a5d47befe865c8e6fb19, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | c2b4710c6888a5d47befe865c8e6fb19 |
|---|---|
| First seen: | 2018-11-29 20:46:04 UTC |
| Last seen: | 2020-12-16 15:08:09 UTC |
| Status: | Blacklisted |
| Malware samples: | 620 |
| Destination IPs: | 100 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:32:01 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-12-16 15:08:09 | a32852f773e5dab808722d079eedf635 |  1 / 70 (1.43%)
| 47.246.43.167:443 |
| 2020-12-06 20:41:48 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49890 |
| 2020-12-06 20:41:48 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 35.186.224.25:443 |
| 2020-12-06 20:41:48 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49904 |
| 2020-12-06 20:41:48 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49908 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49899 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49901 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49897 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49887 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49895 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49893 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49925 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49921 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49927 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49919 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49923 |
| 2020-12-06 20:41:47 | 22b6506112221ea5201e4c80d11db2c0 | 17 / 70 (24.29%)
| 10.0.14.234:49906 |
| 2020-11-27 07:54:25 | ae1cf679daf13324d3353fcec8718b28 | 47 / 70 (67.14%)
| 212.82.100.140:443 |
| 2020-11-27 07:09:32 | ad0fb2170d1b7ffa3c0b99565e2fcaf7 | 50 / 72 (69.44%)
| 212.82.100.140:443 |
| 2020-11-27 07:02:27 | acf308bbdde901611ec5014d93eb6c3d | 55 / 72 (76.39%)
| 212.82.100.140:443 |
| 2020-11-27 06:46:26 | ac6b7b66e9abe988e56881434d36b5d6 | 49 / 72 (68.06%)
| 212.82.100.140:443 |
| 2020-11-26 21:51:57 | 214c6c15a3c2e14cc76cc635f35d404b | 52 / 70 (74.29%)
| 212.82.100.140:443 |
| 2020-11-26 21:51:26 | 0f3d598ec8f9c061c39520094f7f52b2 | n/a | 212.82.100.140:443 |
| 2020-11-26 21:41:24 | 0b681c415da5606871486ac5b62278f2 | 43 / 70 (61.43%)
| 74.6.160.138:443 |
| 2020-11-26 19:56:09 | a6b8c3219e9eda58ef2ae3277842c06d | 51 / 71 (71.83%)
| 212.82.100.140:443 |
| 2020-11-26 19:38:39 | a6428662611ce0811da28dfd183e60d2 | 53 / 69 (76.81%)
| 212.82.100.140:443 |
| 2020-11-26 18:49:34 | a52345fa2d74a558739b243c73cd54bb | 49 / 72 (68.06%)
| 212.82.100.140:443 |
| 2020-11-26 18:47:18 | a4f5533a08a02c3406096f664b0c15e8 | 47 / 70 (67.14%)
| 212.82.100.140:443 |
| 2020-11-26 18:28:08 | a4b23b2f01657feb7cd04875d1cf4874 | 49 / 70 (70.00%)
| 212.82.100.140:443 |
| 2020-11-26 15:11:37 | a1db4ff8577ac8af0e021f5797cf268d | 49 / 71 (69.01%)
| 212.82.100.140:443 |
| 2020-11-26 15:11:35 | a202e81452555baa07a427cd022b419e | 53 / 70 (75.71%)
| 212.82.100.140:443 |
| 2020-11-16 12:38:21 | cd0a2c1105b1d223e231e8b39b707bb7 | 27 / 71 (38.03%)
| 172.67.160.66:443 |
| 2020-11-16 12:38:21 | cd0a2c1105b1d223e231e8b39b707bb7 | 27 / 71 (38.03%)
| 104.153.233.181:443 |
| 2020-11-16 12:38:21 | cd0a2c1105b1d223e231e8b39b707bb7 | 27 / 71 (38.03%)
| 104.28.27.246:443 |
| 2020-11-16 12:38:21 | cd0a2c1105b1d223e231e8b39b707bb7 | 27 / 71 (38.03%)
| 104.28.26.246:443 |
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 52.40.13.62:443 |
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 151.101.38.214:443 |
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 151.101.38.167:443 |
| 2020-10-05 12:03:57 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 178.128.34.99:443 |
| 2020-09-11 19:32:22 | a188403a0a44c21f6653f3b64ab3f42d | 54 / 68 (79.41%)
| 184.30.208.101:443 |
| 2020-09-11 18:19:43 | a0c463f6272617f994ea35e57a01d5ee | n/a | 80.241.60.222:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 163.172.174.69:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 104.31.64.133:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 104.22.23.196:443 |
| 2020-09-02 20:55:58 | 2e7acc31c2c2f5ae18628985bca1ade6 | 47 / 68 (69.12%)
| 104.22.23.196:443 |
| 2020-09-02 20:55:57 | 2e7acc31c2c2f5ae18628985bca1ade6 | 47 / 68 (69.12%)
| 185.69.193.7:443 |
| 2020-09-02 07:19:44 | b6d2bd26734781986755dcf654bbd658 | 41 / 70 (58.57%)
| 104.22.22.196:443 |
| 2020-09-02 03:34:19 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 104.22.22.196:443 |
| 2020-09-02 03:34:17 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 172.67.20.196:443 |
| 2020-09-02 03:34:17 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 172.67.192.232:443 |
| 2020-09-01 10:55:24 | b2c200b75276be9d28d5c2a0c87ca3ff | 33 / 67 (49.25%)
| 172.67.20.196:443 |
| 2020-08-27 10:10:24 | 6aac03b2b650493fd3123ae30a98c7a1 | n/a | 104.22.22.196:443 |
| 2020-08-27 10:10:24 | 6aac03b2b650493fd3123ae30a98c7a1 | n/a | 185.69.193.7:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 193.17.41.99:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 104.31.66.68:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 104.31.67.68:443 |
| 2020-08-26 21:27:25 | 369d5f72f36206b6181113062ccb9469 | n/a | 172.67.20.196:443 |
| 2020-08-26 21:27:24 | 369d5f72f36206b6181113062ccb9469 | n/a | 104.22.22.196:443 |
| 2020-08-26 21:27:24 | 369d5f72f36206b6181113062ccb9469 | n/a | 185.69.193.7:443 |
| 2020-08-26 20:20:01 | 2d51f911ae738d5780639cb026da95bd | n/a | 172.67.20.196:443 |
| 2020-08-26 20:20:00 | 2d51f911ae738d5780639cb026da95bd | n/a | 185.69.193.7:443 |
| 2020-08-26 19:09:43 | 23bd8a35228d93d2e7a2b944150766f4 | 50 / 68 (73.53%)
| 104.22.23.196:443 |
| 2020-08-26 19:09:43 | 23bd8a35228d93d2e7a2b944150766f4 | 50 / 68 (73.53%)
| 185.69.193.7:443 |
| 2020-08-26 17:45:57 | 1e4af12a91c2090d29ce1f5277432a1e | n/a | 185.69.193.7:443 |
| 2020-08-26 17:45:56 | 1e4af12a91c2090d29ce1f5277432a1e | n/a | 104.22.22.196:443 |
| 2020-08-24 15:06:54 | be0e99a453998c0f95bbebdf0d78d299 | 44 / 68 (64.71%)
| 185.69.193.7:443 |
| 2020-08-12 21:11:30 | 1adf7f16fb2c5e39910ca7a843f9b2c4 | n/a | 87.240.129.140:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 173.201.192.5:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 173.201.192.133:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 104.31.67.68:443 |
| 2020-07-28 02:20:24 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 68.178.252.148:443 |
| 2020-07-28 02:20:24 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 2.20.222.31:443 |
| 2020-07-28 02:20:23 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 68.178.252.133:443 |
| 2020-07-05 16:20:52 | be8fac2f0790e0ec594723afac182f93 | 55 / 72 (76.39%)
| 94.100.180.61:443 |
| 2020-07-05 14:45:10 | bc82008785e4f059b0a71fddf764dcc7 | 42 / 73 (57.53%)
| 94.100.180.61:443 |
| 2020-07-05 10:53:31 | b7f7a94d634f51c44b0de48e4efd6659 | 45 / 73 (61.64%)
| 217.69.139.61:443 |
| 2020-07-05 00:07:52 | ac83e1839fe2e72f3ec5de6a68fde542 | 57 / 72 (79.17%)
| 217.69.139.61:443 |
| 2020-07-04 22:25:34 | aa85739ecb1af7b6d36a5c45ecac7f1f | 45 / 73 (61.64%)
| 94.100.180.61:443 |
| 2020-07-04 16:30:59 | a5e6ac8b10808305730d186a73ee2686 | 47 / 73 (64.38%)
| 94.100.180.61:443 |
| 2020-07-04 10:17:03 | 78d1c03dc95ea6a922f337ac26cf038b | n/a | 217.69.139.61:443 |
| 2020-07-03 18:09:33 | 40fcaca8a1e5f811daa69ee8b410ff0c | 34 / 73 (46.58%)
| 94.100.180.61:443 |
| 2020-07-03 15:26:07 | d8bc0f68619b40058337bc2208a529a7 | 41 / 72 (56.94%)
| 217.69.139.61:443 |
| 2020-07-03 15:11:02 | d7333fc36b17b96a0a09b5b616466604 | 48 / 73 (65.75%)
| 94.100.180.61:443 |
| 2020-07-03 12:38:26 | c27f104e6575d1b551ded5e88d93cb30 | 46 / 73 (63.01%)
| 217.69.139.61:443 |
| 2020-07-03 12:24:56 | c252698643c12ba4c4d7324e730806cd | 50 / 73 (68.49%)
| 94.100.180.61:443 |
| 2020-07-03 07:07:53 | bbaef49ef5bb882ae792fc493d857610 | 48 / 71 (67.61%)
| 217.69.139.61:443 |
| 2020-07-03 06:50:02 | bbcfc2e81282b25760d33f889199a9e7 | 55 / 73 (75.34%)
| 217.69.139.61:443 |
| 2020-07-03 01:28:16 | b51185a488c963747eb4f3c78b798c5f | 38 / 73 (52.05%)
| 94.100.180.61:443 |
| 2020-07-02 23:55:04 | b3ad65faeafacea5d2731c09f4f2f4ce | 39 / 72 (54.17%)
| 217.69.139.61:443 |
| 2020-07-02 23:55:04 | b3ad65faeafacea5d2731c09f4f2f4ce | 39 / 72 (54.17%)
| 94.100.180.61:443 |
| 2020-07-02 18:41:33 | 99d883d5f2b6cddfa4c94ed20c02c46b | 37 / 73 (50.68%)
| 217.69.139.61:443 |
| 2020-07-02 17:56:52 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 173.201.192.148:443 |
| 2020-07-02 17:56:51 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 97.74.135.148:443 |
| 2020-07-02 17:56:51 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 68.178.252.148:443 |
| 2020-07-02 17:56:50 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 173.201.193.148:443 |
| 2020-07-02 17:56:50 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 2.20.17.144:443 |
| 2020-07-02 08:39:23 | a9e82ac62abdee20541ef64b24f7c5c1 | 49 / 72 (68.06%)
| 94.100.180.61:443 |
| 2020-07-01 21:05:01 | 870d3c832ff4490f357041c6058b9475 | 42 / 72 (58.33%)
| 94.100.180.61:443 |
| 2020-07-01 20:11:32 | 63f8f3829f9c9063f5f3f08f0cf11c7a | 39 / 73 (53.42%)
| 94.100.180.61:443 |
| 2020-07-01 20:04:14 | 620b4af32712e4e6df2ad2246e5b14dd | n/a | 94.100.180.61:443 |
# of entries: 100 (max: 100)