JA3 Fingerprints
You can find further information about the JA3 fingerprint d18a4da84af59e1108862a39bae7c9d4, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | d18a4da84af59e1108862a39bae7c9d4 |
|---|---|
| First seen: | 2018-04-03 00:40:51 UTC |
| Last seen: | 2021-02-06 01:53:12 UTC |
| Status: | Blacklisted |
| Malware samples: | 110 |
| Destination IPs: | 45 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:51:08 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2023-08-07 15:23:51 | 3a2fffded769bace9850a1ace78f25e4 | n/a | 185.199.108.153:443 |
| 2023-08-07 15:23:51 | 3a2fffded769bace9850a1ace78f25e4 | n/a | 172.217.168.78:443 |
| 2023-07-28 15:52:55 | 24dc28354412607dbe3e8e579e7521b1 |  2 / 69 (2.90%)
| 185.199.111.133:443 |
| 2023-07-28 15:52:55 | 24dc28354412607dbe3e8e579e7521b1 | 2 / 69 (2.90%)
| 140.82.121.3:443 |
| 2023-07-28 05:18:49 | 4d07eed20777cd155c3708089d0aaf1a | n/a | 185.199.111.153:443 |
| 2023-07-25 00:29:36 | 4375b03938ac8048f16ec15973085b30 | n/a | 18.165.183.88:443 |
| 2023-07-22 23:41:38 | b494cbfff8f6d983ced8104f015ed81c | n/a | 216.58.215.238:443 |
| 2023-07-22 23:41:37 | b494cbfff8f6d983ced8104f015ed81c | n/a | 185.199.108.153:443 |
| 2023-07-20 19:14:47 | 09c29797bae7a8e05e623553efd25415 | 1 / 71 (1.41%)
| 18.165.183.88:443 |
| 2022-11-20 06:50:38 | 0871bf121991e15e9f58f01d4158478d | n/a | 52.72.172.158:443 |
| 2022-10-17 13:02:08 | 690e38c3049c7abe8edd1bc9df35f2f7 | n/a | 142.250.185.77:443 |
| 2022-10-17 13:02:08 | 690e38c3049c7abe8edd1bc9df35f2f7 | n/a | 142.250.185.78:443 |
| 2022-10-12 19:40:18 | 4555e058c3f846730f45b6e3d616efae | n/a | 20.224.186.212:443 |
| 2022-08-17 04:28:58 | d8bcad6d70400c4b798451295d9ec2da | n/a | 95.143.172.170:443 |
| 2022-08-16 20:06:26 | b2a011144841893accb0bd3abaff9545 | n/a | 95.143.172.170:443 |
| 2022-05-23 01:37:37 | cd79edc7304276161ddb36b2ec4d693a | n/a | 95.143.172.170:443 |
| 2022-05-18 18:27:21 | c32b97185c230fc6838f628d5d47f1f7 | n/a | 95.143.172.170:443 |
| 2022-05-18 17:36:08 | 0f411b184480feecfbbafe5aa31d89f2 | n/a | 95.143.172.170:443 |
| 2022-05-18 17:35:02 | 0cfdd572f8ae03ac9332e0ceb322ac3a | n/a | 95.143.172.170:443 |
| 2022-05-18 17:22:49 | 4d22343fb2151796c793bb98e678933c | 1 / 69 (1.45%)
| 95.143.172.170:443 |
| 2022-05-18 17:13:08 | 145dac3bf976db3bc03529db98db19f3 | 0 / 67 (0.00%)
| 95.143.172.170:443 |
| 2022-05-18 09:46:39 | 1d314d77d6fe01fa33d2788201586f6e | n/a | 95.143.172.170:443 |
| 2022-04-23 04:14:11 | 64166399442b52d87184a4063ad45991 | n/a | 74.125.34.46:443 |
| 2022-04-21 04:57:43 | e11ee37e1c70ba57f88c251f5ef4f15a | n/a | 95.143.172.170:443 |
| 2022-03-04 19:53:26 | 0fac031efef802bd82a736e7ea998448 | 1 / 66 (1.52%)
| 95.143.172.170:443 |
| 2022-01-29 06:43:30 | d34e9dbbb3140ba461ac91583825d254 | 7 / 64 (10.94%)
| 95.143.172.170:443 |
| 2021-12-31 21:18:14 | a3cf408945b7d20a3e32f2caeb1fc97a | 0 / 68 (0.00%)
| 95.143.172.170:443 |
| 2021-12-29 13:32:27 | b178e23c92d5b00fcc595dbc59c84c22 | 0 / 66 (0.00%)
| 95.143.172.170:443 |
| 2021-12-29 06:15:35 | b0b79899717881085027afac59fca1b3 | n/a | 95.143.172.170:443 |
| 2021-12-01 02:33:18 | f6154869a2203b93bbfc9bba271c971c | n/a | 95.143.172.170:443 |
| 2021-12-01 00:05:26 | e5e6b516e9aaece920fd88f7bcd28ab1 | n/a | 52.216.245.78:443 |
| 2021-09-26 16:29:54 | cd4c8768f0e21429fbc7f844ed54e330 | n/a | 142.250.203.110:443 |
| 2021-09-26 16:29:54 | cd4c8768f0e21429fbc7f844ed54e330 | n/a | 145.239.231.17:443 |
| 2021-09-21 06:46:40 | d51c971722f64dededb8410a537c47d3 | n/a | 52.72.172.158:443 |
| 2021-09-11 08:44:07 | 969deb37aac55eb8ee385aca27102dd2 | n/a | 62.141.38.176:443 |
| 2021-08-25 10:17:04 | 7394d2f799e6d9336a14ea64fa4e5d1f | n/a | 212.82.100.76:587 |
| 2021-08-22 04:40:18 | 344e9bddcd948c865df4b7fa0199dc34 | n/a | 151.101.112.84:443 |
| 2021-02-06 01:53:12 | 0a025b1367a36afa7f91b4a3b52d3824 | 3 / 70 (4.29%)
| 52.216.98.125:443 |
| 2021-02-06 01:53:12 | 0a025b1367a36afa7f91b4a3b52d3824 | 3 / 70 (4.29%)
| 52.216.98.125:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 140.82.121.3:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 52.217.12.36:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 185.199.108.153:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 95.143.172.170:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 140.82.121.3:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 185.199.108.153:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 52.217.12.36:443 |
| 2021-01-02 15:41:11 | 098c76eda17b5d738cc591adf8c17df9 | 0 / 69 (0.00%)
| 95.143.172.170:443 |
| 2020-11-11 00:58:38 | aabf3a244725176bcca17e5d488524b6 | 10 / 73 (13.70%)
| 136.243.106.42:443 |
| 2020-11-11 00:58:38 | aabf3a244725176bcca17e5d488524b6 | 10 / 73 (13.70%)
| 136.243.106.42:443 |
| 2020-09-28 13:39:26 | 0500b295b20e26546ffede81edf77476 | 6 / 71 (8.45%)
| 216.58.208.110:443 |
| 2020-09-28 13:39:26 | 0500b295b20e26546ffede81edf77476 | 6 / 71 (8.45%)
| 216.58.208.110:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 140.82.118.4:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 52.216.205.251:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 95.143.172.170:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 185.199.109.153:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 95.143.172.170:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 140.82.118.4:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 52.216.205.251:443 |
| 2020-08-01 04:06:14 | 0cf4c7388038b31f8e68cf35cc8d5e31 | 0 / 69 (0.00%)
| 185.199.109.153:443 |
| 2020-06-24 09:30:52 | a175008436819971840f555f09231365 | 48 / 73 (65.75%)
| 74.125.34.46:443 |
| 2020-06-24 09:30:52 | a175008436819971840f555f09231365 | 48 / 73 (65.75%)
| 74.125.34.46:443 |
| 2020-06-24 02:36:13 | 28093a90e265c0637fec95a5e42101a7 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-24 02:36:13 | 28093a90e265c0637fec95a5e42101a7 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-22 13:46:24 | 7a1ea0844eb1a246222c9e7a8902e0a4 | 50 / 74 (67.57%)
| 74.125.34.46:443 |
| 2020-06-22 13:46:24 | 7a1ea0844eb1a246222c9e7a8902e0a4 | 50 / 74 (67.57%)
| 74.125.34.46:443 |
| 2020-06-22 12:48:48 | 75f4c7a207e9c18a7c4ceadb3a141193 | 49 / 73 (67.12%)
| 74.125.34.46:443 |
| 2020-06-22 12:48:48 | 75f4c7a207e9c18a7c4ceadb3a141193 | 49 / 73 (67.12%)
| 74.125.34.46:443 |
| 2020-06-22 08:22:34 | 62ebe9aea87177ecc9a3970e451d041f | 47 / 71 (66.20%)
| 74.125.34.46:443 |
| 2020-06-22 08:22:34 | 62ebe9aea87177ecc9a3970e451d041f | 47 / 71 (66.20%)
| 74.125.34.46:443 |
| 2020-06-22 07:11:58 | 53c9c22b014af328d91a181df86517f1 | 53 / 74 (71.62%)
| 74.125.34.46:443 |
| 2020-06-22 07:11:58 | 53c9c22b014af328d91a181df86517f1 | 53 / 74 (71.62%)
| 74.125.34.46:443 |
| 2020-06-21 23:33:15 | 3ea69564e92429572ec12913ff874890 | 53 / 73 (72.60%)
| 74.125.34.46:443 |
| 2020-06-21 23:33:15 | 3ea69564e92429572ec12913ff874890 | 53 / 73 (72.60%)
| 74.125.34.46:443 |
| 2020-06-21 22:03:02 | 3892834957a893d4d71bdb79304d4e90 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-21 22:03:02 | 3892834957a893d4d71bdb79304d4e90 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-21 20:18:49 | 30e99775eb975d88619dc0a5a27e9c64 | 50 / 74 (67.57%)
| 74.125.34.46:443 |
| 2020-06-21 20:18:49 | 30e99775eb975d88619dc0a5a27e9c64 | 50 / 74 (67.57%)
| 74.125.34.46:443 |
| 2020-06-19 16:05:40 | a42f6d3a7f2982447256f001b639215e | 48 / 72 (66.67%)
| 74.125.34.46:443 |
| 2020-06-19 16:05:40 | a42f6d3a7f2982447256f001b639215e | 48 / 72 (66.67%)
| 74.125.34.46:443 |
| 2020-06-19 15:50:28 | a362c951b8984f0ee329b281e7e42bf7 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 15:50:28 | a362c951b8984f0ee329b281e7e42bf7 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 08:57:21 | 26cd2845fa151ee4878a83df30326ff4 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 08:57:21 | 26cd2845fa151ee4878a83df30326ff4 | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 08:32:59 | 258272c5b0480d36427cb70a5d3f6439 | 46 / 73 (63.01%)
| 74.125.34.46:443 |
| 2020-06-19 08:32:59 | 258272c5b0480d36427cb70a5d3f6439 | 46 / 73 (63.01%)
| 74.125.34.46:443 |
| 2020-06-19 08:28:45 | 25054ee2a25c0525d323dc5056a699e9 | 45 / 71 (63.38%)
| 74.125.34.46:443 |
| 2020-06-19 08:28:45 | 25054ee2a25c0525d323dc5056a699e9 | 45 / 71 (63.38%)
| 74.125.34.46:443 |
| 2020-06-19 07:53:10 | 229720affc72c6a624753774de23136b | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 07:53:10 | 229720affc72c6a624753774de23136b | 49 / 74 (66.22%)
| 74.125.34.46:443 |
| 2020-06-19 00:07:30 | 07e485fc2889f1137b9a0754a567ec18 | 46 / 69 (66.67%)
| 74.125.34.46:443 |
| 2020-06-19 00:07:30 | 07e485fc2889f1137b9a0754a567ec18 | 46 / 69 (66.67%)
| 74.125.34.46:443 |
| 2020-06-18 23:51:02 | 0811eb50b7b53520397b1a4645b5a7b6 | 50 / 73 (68.49%)
| 74.125.34.46:443 |
| 2020-06-18 23:51:02 | 0811eb50b7b53520397b1a4645b5a7b6 | 50 / 73 (68.49%)
| 74.125.34.46:443 |
| 2020-06-18 23:00:01 | 035f2d2e8ef3ce5fd281776d5cf4cf15 | 48 / 73 (65.75%)
| 74.125.34.46:443 |
| 2020-06-18 23:00:01 | 035f2d2e8ef3ce5fd281776d5cf4cf15 | 48 / 73 (65.75%)
| 74.125.34.46:443 |
| 2020-06-18 21:32:54 | 143289687b08093df43de4e7d88d2ebf | 48 / 72 (66.67%)
| 74.125.34.46:443 |
| 2020-06-18 21:32:54 | 143289687b08093df43de4e7d88d2ebf | 48 / 72 (66.67%)
| 74.125.34.46:443 |
| 2020-06-18 21:19:05 | 0e86068f86ee15f46329a0d2ed63b7b2 | 47 / 73 (64.38%)
| 74.125.34.46:443 |
| 2020-06-18 21:19:05 | 0e86068f86ee15f46329a0d2ed63b7b2 | 47 / 73 (64.38%)
| 74.125.34.46:443 |
| 2020-06-18 12:25:47 | 4bfa26be856487eceab1d55e43df1175 | 46 / 71 (64.79%)
| 74.125.34.46:443 |
# of entries: 100 (max: 100)