JA3 Fingerprints
You can find further information about the JA3 fingerprint c2b4710c6888a5d47befe865c8e6fb19, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | c2b4710c6888a5d47befe865c8e6fb19 |
|---|---|
| First seen: | 2018-11-29 20:46:04 UTC |
| Last seen: | 2020-10-05 12:03:58 UTC |
| Status: | Blacklisted |
| Malware samples: | 603 |
| Destination IPs: | 92 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:32:01 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a |  48 / 70 (68.57%)
| 52.40.13.62:443 |
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 151.101.38.214:443 |
| 2020-10-05 12:03:58 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 151.101.38.167:443 |
| 2020-10-05 12:03:57 | b16bc1e5ae192fba0d18da850f7e554a | 48 / 70 (68.57%)
| 178.128.34.99:443 |
| 2020-09-11 19:32:22 | a188403a0a44c21f6653f3b64ab3f42d | 54 / 68 (79.41%)
| 184.30.208.101:443 |
| 2020-09-11 18:19:43 | a0c463f6272617f994ea35e57a01d5ee | n/a | 80.241.60.222:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 163.172.174.69:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 104.31.64.133:443 |
| 2020-09-11 18:19:42 | a0c463f6272617f994ea35e57a01d5ee | n/a | 104.22.23.196:443 |
| 2020-09-02 20:55:58 | 2e7acc31c2c2f5ae18628985bca1ade6 | 47 / 68 (69.12%)
| 104.22.23.196:443 |
| 2020-09-02 20:55:57 | 2e7acc31c2c2f5ae18628985bca1ade6 | 47 / 68 (69.12%)
| 185.69.193.7:443 |
| 2020-09-02 07:19:44 | b6d2bd26734781986755dcf654bbd658 | 41 / 70 (58.57%)
| 104.22.22.196:443 |
| 2020-09-02 03:34:19 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 104.22.22.196:443 |
| 2020-09-02 03:34:17 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 172.67.20.196:443 |
| 2020-09-02 03:34:17 | b53492ff44556c630c792f931224133c | 47 / 68 (69.12%)
| 172.67.192.232:443 |
| 2020-09-01 10:55:24 | b2c200b75276be9d28d5c2a0c87ca3ff | 33 / 67 (49.25%)
| 172.67.20.196:443 |
| 2020-08-27 10:10:24 | 6aac03b2b650493fd3123ae30a98c7a1 | n/a | 104.22.22.196:443 |
| 2020-08-27 10:10:24 | 6aac03b2b650493fd3123ae30a98c7a1 | n/a | 185.69.193.7:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 193.17.41.99:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 104.31.66.68:443 |
| 2020-08-27 02:02:54 | 507678de385f391ab14cbc66cfc4f09c | n/a | 104.31.67.68:443 |
| 2020-08-26 21:27:25 | 369d5f72f36206b6181113062ccb9469 | n/a | 172.67.20.196:443 |
| 2020-08-26 21:27:24 | 369d5f72f36206b6181113062ccb9469 | n/a | 104.22.22.196:443 |
| 2020-08-26 21:27:24 | 369d5f72f36206b6181113062ccb9469 | n/a | 185.69.193.7:443 |
| 2020-08-26 20:20:01 | 2d51f911ae738d5780639cb026da95bd | n/a | 172.67.20.196:443 |
| 2020-08-26 20:20:00 | 2d51f911ae738d5780639cb026da95bd | n/a | 185.69.193.7:443 |
| 2020-08-26 19:09:43 | 23bd8a35228d93d2e7a2b944150766f4 | 50 / 68 (73.53%)
| 104.22.23.196:443 |
| 2020-08-26 19:09:43 | 23bd8a35228d93d2e7a2b944150766f4 | 50 / 68 (73.53%)
| 185.69.193.7:443 |
| 2020-08-26 17:45:57 | 1e4af12a91c2090d29ce1f5277432a1e | n/a | 185.69.193.7:443 |
| 2020-08-26 17:45:56 | 1e4af12a91c2090d29ce1f5277432a1e | n/a | 104.22.22.196:443 |
| 2020-08-24 15:06:54 | be0e99a453998c0f95bbebdf0d78d299 | 44 / 68 (64.71%)
| 185.69.193.7:443 |
| 2020-08-12 21:11:30 | 1adf7f16fb2c5e39910ca7a843f9b2c4 | n/a | 87.240.129.140:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 173.201.192.5:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 173.201.192.133:443 |
| 2020-07-28 02:20:25 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 104.31.67.68:443 |
| 2020-07-28 02:20:24 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 68.178.252.148:443 |
| 2020-07-28 02:20:24 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 2.20.222.31:443 |
| 2020-07-28 02:20:23 | c03207b87ef0aa6cf76a18e87c70310d | 39 / 71 (54.93%)
| 68.178.252.133:443 |
| 2020-07-05 16:20:52 | be8fac2f0790e0ec594723afac182f93 | 55 / 72 (76.39%)
| 94.100.180.61:443 |
| 2020-07-05 14:45:10 | bc82008785e4f059b0a71fddf764dcc7 | 42 / 73 (57.53%)
| 94.100.180.61:443 |
| 2020-07-05 10:53:31 | b7f7a94d634f51c44b0de48e4efd6659 | 45 / 73 (61.64%)
| 217.69.139.61:443 |
| 2020-07-05 00:07:52 | ac83e1839fe2e72f3ec5de6a68fde542 | 57 / 72 (79.17%)
| 217.69.139.61:443 |
| 2020-07-04 22:25:34 | aa85739ecb1af7b6d36a5c45ecac7f1f | 45 / 73 (61.64%)
| 94.100.180.61:443 |
| 2020-07-04 16:30:59 | a5e6ac8b10808305730d186a73ee2686 | 47 / 73 (64.38%)
| 94.100.180.61:443 |
| 2020-07-04 10:17:03 | 78d1c03dc95ea6a922f337ac26cf038b | n/a | 217.69.139.61:443 |
| 2020-07-03 18:09:33 | 40fcaca8a1e5f811daa69ee8b410ff0c | 34 / 73 (46.58%)
| 94.100.180.61:443 |
| 2020-07-03 15:26:07 | d8bc0f68619b40058337bc2208a529a7 | 41 / 72 (56.94%)
| 217.69.139.61:443 |
| 2020-07-03 15:11:02 | d7333fc36b17b96a0a09b5b616466604 | 48 / 73 (65.75%)
| 94.100.180.61:443 |
| 2020-07-03 12:38:26 | c27f104e6575d1b551ded5e88d93cb30 | 46 / 73 (63.01%)
| 217.69.139.61:443 |
| 2020-07-03 12:24:56 | c252698643c12ba4c4d7324e730806cd | 50 / 73 (68.49%)
| 94.100.180.61:443 |
| 2020-07-03 07:07:53 | bbaef49ef5bb882ae792fc493d857610 | 48 / 71 (67.61%)
| 217.69.139.61:443 |
| 2020-07-03 06:50:02 | bbcfc2e81282b25760d33f889199a9e7 | 55 / 73 (75.34%)
| 217.69.139.61:443 |
| 2020-07-03 01:28:16 | b51185a488c963747eb4f3c78b798c5f | 38 / 73 (52.05%)
| 94.100.180.61:443 |
| 2020-07-02 23:55:04 | b3ad65faeafacea5d2731c09f4f2f4ce | 39 / 72 (54.17%)
| 217.69.139.61:443 |
| 2020-07-02 23:55:04 | b3ad65faeafacea5d2731c09f4f2f4ce | 39 / 72 (54.17%)
| 94.100.180.61:443 |
| 2020-07-02 18:41:33 | 99d883d5f2b6cddfa4c94ed20c02c46b | 37 / 73 (50.68%)
| 217.69.139.61:443 |
| 2020-07-02 17:56:52 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 173.201.192.148:443 |
| 2020-07-02 17:56:51 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 97.74.135.148:443 |
| 2020-07-02 17:56:51 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 68.178.252.148:443 |
| 2020-07-02 17:56:50 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 173.201.193.148:443 |
| 2020-07-02 17:56:50 | 69d7d8d95af2dedeb98d2434b0eb6e44 | n/a | 2.20.17.144:443 |
| 2020-07-02 08:39:23 | a9e82ac62abdee20541ef64b24f7c5c1 | 49 / 72 (68.06%)
| 94.100.180.61:443 |
| 2020-07-01 21:05:01 | 870d3c832ff4490f357041c6058b9475 | 42 / 72 (58.33%)
| 94.100.180.61:443 |
| 2020-07-01 20:11:32 | 63f8f3829f9c9063f5f3f08f0cf11c7a | 39 / 73 (53.42%)
| 94.100.180.61:443 |
| 2020-07-01 20:04:14 | 620b4af32712e4e6df2ad2246e5b14dd | n/a | 94.100.180.61:443 |
| 2020-07-01 17:38:57 | 8f495a4e18c762b17b88c90a26dd390d | 40 / 72 (55.56%)
| 94.100.180.61:443 |
| 2020-07-01 15:00:32 | 1dd0ae802490c0c4d07ee0a62eb32221 | 42 / 72 (58.33%)
| 94.100.180.61:443 |
| 2020-06-30 20:42:40 | 50c1f1bfcc4edb0f54594210d5650ba6 | 39 / 73 (53.42%)
| 217.69.139.61:443 |
| 2020-06-30 20:30:15 | 4e89dbf6f90e9e7119aa4c11aeee984f | 43 / 72 (59.72%)
| 217.69.139.61:443 |
| 2020-06-30 20:29:41 | 4e227065c847e73e87a2d34e51f1ab82 | 38 / 72 (52.78%)
| 217.69.139.61:443 |
| 2020-06-30 19:06:16 | 12c76bbac3769a15e601d801babcfe5c | 40 / 72 (55.56%)
| 94.100.180.61:443 |
| 2020-06-30 17:01:40 | d6399ae215e01923cf737eb121923981 | n/a | 94.100.180.61:443 |
| 2020-06-30 13:00:08 | c47e32a43d15b6e0801a60fd3a44f3ab | 44 / 73 (60.27%)
| 217.69.139.61:443 |
| 2020-06-30 10:09:58 | bdd8d050e1cc87099914ccf2c4a5a9fa | 32 / 73 (43.84%)
| 217.69.139.61:443 |
| 2020-06-30 09:16:24 | bbcf6d4602000ed9e6d5afc85ad356f0 | 48 / 74 (64.86%)
| 94.100.180.61:443 |
| 2020-06-30 09:05:16 | bb5e9bb822ecf4ff386450c0221814a9 | 47 / 74 (63.51%)
| 217.69.139.61:443 |
| 2020-06-30 07:28:31 | b9d1d4d6aa9d3f1a5cc0795646a0f9c6 | 46 / 73 (63.01%)
| 94.100.180.61:443 |
| 2020-06-30 07:28:31 | b9d1d4d6aa9d3f1a5cc0795646a0f9c6 | 46 / 73 (63.01%)
| 217.69.139.61:443 |
| 2020-06-30 06:48:54 | b4747870cf4bdcf69b8e103d6bac0e99 | 48 / 72 (66.67%)
| 217.69.139.61:443 |
| 2020-06-30 06:37:11 | b9ac79a15f547ce484a881d0dd130ba6 | 30 / 73 (41.10%)
| 217.69.139.61:443 |
| 2020-06-30 06:37:10 | b9ac79a15f547ce484a881d0dd130ba6 | 30 / 73 (41.10%)
| 94.100.180.61:443 |
| 2020-06-30 06:32:21 | b462a83b72424315d14ec10c31952140 | 35 / 71 (49.30%)
| 94.100.180.61:443 |
| 2020-06-30 06:27:09 | b301cd05d728bfad9a6d19ad922fe943 | 49 / 74 (66.22%)
| 94.100.180.61:443 |
| 2020-06-30 06:27:09 | b301cd05d728bfad9a6d19ad922fe943 | 49 / 74 (66.22%)
| 217.69.139.61:443 |
| 2020-06-30 06:26:36 | b6245283211edeed6af449cafc61bdf0 | 37 / 71 (52.11%)
| 217.69.139.61:443 |
| 2020-06-30 06:18:16 | b3868cf1e0ec979f0ae5d4da8f2db47a | 46 / 72 (63.89%)
| 217.69.139.61:443 |
| 2020-06-30 06:09:11 | b7c414dbbd6b80b5b830331ab1c7d21d | 40 / 72 (55.56%)
| 94.100.180.61:443 |
| 2020-06-30 06:03:48 | b5defeac9fcdb4fd94da250ea440c396 | 42 / 73 (57.53%)
| 217.69.139.61:443 |
| 2020-06-30 06:03:43 | b03a1af8a85068822a5ed79f5d692fef | 46 / 73 (63.01%)
| 217.69.139.61:443 |
| 2020-06-30 06:00:37 | b270ad2b02ff74bae969a00c2e27bb1e | 47 / 73 (64.38%)
| 94.100.180.61:443 |
| 2020-06-30 05:49:04 | b1d5981a594e2cb0b23e3e0149d870f0 | 47 / 71 (66.20%)
| 94.100.180.61:443 |
| 2020-06-30 05:46:40 | b2d213e51e1aeb3a001f0c8e70d41a8b | 45 / 73 (61.64%)
| 217.69.139.61:443 |
| 2020-06-30 05:30:14 | b906f4a2291810a3a82bbb8f3e7af609 | 42 / 74 (56.76%)
| 217.69.139.61:443 |
| 2020-06-30 05:17:03 | b58a2605ccde36bdfb442cc72ee120af | 46 / 72 (63.89%)
| 217.69.139.61:443 |
| 2020-06-30 05:12:05 | b50b841c96c2c4a8ae232d93c4216d83 | 49 / 74 (66.22%)
| 94.100.180.61:443 |
| 2020-06-29 21:26:43 | a7b09133ecb60b0bf50fddfd189689e4 | n/a | 94.100.180.61:443 |
| 2020-06-29 05:37:29 | adf8a18cffeaac880ed98f5816e813c9 | 45 / 73 (61.64%)
| 217.69.139.61:443 |
| 2020-06-29 04:05:33 | ad3b5acadd0fef32b22e3ab6e7023643 | 47 / 73 (64.38%)
| 217.69.139.61:443 |
| 2020-06-29 03:49:31 | ad0897f1da1b116f6a8885d13c717e13 | 50 / 73 (68.49%)
| 94.100.180.61:443 |
| 2020-06-29 00:27:56 | a9393c9670854f80c664263e9aa5c307 | 48 / 72 (66.67%)
| 217.69.139.61:443 |
# of entries: 100 (max: 100)