JA3 Fingerprints
You can find further information about the JA3 fingerprint d6f04b5a910115f4b50ecec09d40a1df, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | d6f04b5a910115f4b50ecec09d40a1df |
|---|---|
| First seen: | 2017-07-15 19:42:24 UTC |
| Last seen: | 2018-10-14 08:12:51 UTC |
| Status: | Blacklisted |
| Malware samples: | 446 |
| Destination IPs: | 43 |
| Malware: | Dridex  |
| Listing date: | 2018-11-14 11:59:04 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2018-10-14 08:12:51 | 53fe4cc17641748020da764c4479d06d | n/a | 5.196.15.119:443 |
| 2018-10-14 08:12:51 | 53fe4cc17641748020da764c4479d06d | n/a | 5.196.15.119:443 |
| 2018-10-12 04:47:20 | 1a1f0d6d8d6ac88ae442de82865330c8 |  40/67 (59.70%)
| 5.196.15.119:443 |
| 2018-10-12 04:47:20 | 1a1f0d6d8d6ac88ae442de82865330c8 | 40/67 (59.70%)
| 5.196.15.119:443 |
| 2018-10-12 00:13:02 | 9766f67bf0b76be5458ece6acfb34acb | 41/67 (61.19%)
| 5.196.15.119:443 |
| 2018-10-12 00:13:02 | 9766f67bf0b76be5458ece6acfb34acb | 41/67 (61.19%)
| 5.196.15.119:443 |
| 2018-10-10 17:27:29 | 08ed91a94aa726a0162b45c8f14ed244 | 25/69 (36.23%)
| 5.196.15.119:443 |
| 2018-10-10 17:27:29 | 08ed91a94aa726a0162b45c8f14ed244 | 25/69 (36.23%)
| 5.196.15.119:443 |
| 2018-10-10 07:40:20 | 644dda5991639b456c11d43d2b835547 | 41/67 (61.19%)
| 5.196.15.119:443 |
| 2018-10-10 07:40:20 | 644dda5991639b456c11d43d2b835547 | 41/67 (61.19%)
| 5.196.15.119:443 |
| 2018-10-09 20:19:54 | 800b056b734396c993846429ce4764f0 | 42/67 (62.69%)
| 5.196.15.119:443 |
| 2018-10-09 20:19:54 | 800b056b734396c993846429ce4764f0 | 42/67 (62.69%)
| 5.196.15.119:443 |
| 2018-10-09 08:29:38 | b598592ee091657c4f1acab627801e31 | 39/68 (57.35%)
| 5.196.15.119:443 |
| 2018-10-09 08:29:38 | b598592ee091657c4f1acab627801e31 | 39/68 (57.35%)
| 5.196.15.119:443 |
| 2018-09-19 08:49:59 | e1d91da869be3d0f5aa1be47d2cad568 | 11/67 (16.42%)
| 185.16.41.64:443 |
| 2018-09-19 08:49:59 | e1d91da869be3d0f5aa1be47d2cad568 | 11/67 (16.42%)
| 185.16.41.64:443 |
| 2018-09-17 18:55:54 | 0716b2fa2249f8f2fc77aacd47bc34e3 | 53/67 (79.10%)
| 77.48.30.156:443 |
| 2018-09-17 18:55:54 | 0716b2fa2249f8f2fc77aacd47bc34e3 | 53/67 (79.10%)
| 77.48.30.156:443 |
| 2018-09-15 19:14:10 | aef8b35674edc6d3a6c73b0454ed3ef4 | 52/68 (76.47%)
| 77.48.30.156:443 |
| 2018-09-15 19:14:10 | aef8b35674edc6d3a6c73b0454ed3ef4 | 52/68 (76.47%)
| 77.48.30.156:443 |
| 2018-09-12 16:11:22 | 0576af37903d5f5cfbeca98652d838cd | 53/67 (79.10%)
| 77.48.30.156:443 |
| 2018-09-12 16:11:22 | 0576af37903d5f5cfbeca98652d838cd | 53/67 (79.10%)
| 77.48.30.156:443 |
| 2018-09-11 11:24:04 | b18b6d6de9f7ef1dcf95d79759ebca84 | n/a | 77.48.30.156:443 |
| 2018-09-11 11:24:04 | b18b6d6de9f7ef1dcf95d79759ebca84 | n/a | 77.48.30.156:443 |
| 2018-09-11 07:47:00 | ab3635101223bba3061cdc3a5509c15d | 50/68 (73.53%)
| 64.111.42.64:443 |
| 2018-09-11 07:47:00 | ab3635101223bba3061cdc3a5509c15d | 50/68 (73.53%)
| 64.111.42.64:443 |
| 2018-09-09 15:29:11 | d86ea85d6bbca9e4701cb7583ef377ab | 48/68 (70.59%)
| 77.48.30.156:443 |
| 2018-09-09 15:29:11 | d86ea85d6bbca9e4701cb7583ef377ab | 48/68 (70.59%)
| 77.48.30.156:443 |
| 2018-09-08 13:24:53 | 8e8275fbb275816c12cf0ea631f8fe8b | n/a | 77.48.30.156:443 |
| 2018-09-08 13:24:53 | 8e8275fbb275816c12cf0ea631f8fe8b | n/a | 77.48.30.156:443 |
| 2018-09-07 15:33:36 | f33537c40a8afeaa621a59a7f618e6a5 | n/a | 77.48.30.156:443 |
| 2018-09-07 15:33:36 | f33537c40a8afeaa621a59a7f618e6a5 | n/a | 77.48.30.156:443 |
| 2018-09-07 07:31:29 | a282522bf29e5f438e729fcd1d3a5d9d | 59/68 (86.76%)
| 37.57.144.177:443 |
| 2018-09-07 07:31:29 | a282522bf29e5f438e729fcd1d3a5d9d | 59/68 (86.76%)
| 37.57.144.177:443 |
| 2018-09-05 04:17:52 | 8c908eaa835a903485ceee80a3560b17 | n/a | 77.48.30.156:443 |
| 2018-09-05 04:17:52 | 8c908eaa835a903485ceee80a3560b17 | n/a | 77.48.30.156:443 |
| 2018-09-03 09:19:20 | 1861d5d77198b3468a0a60495f0bdd19 | 52/68 (76.47%)
| 77.48.30.156:443 |
| 2018-09-03 09:19:20 | 1861d5d77198b3468a0a60495f0bdd19 | 52/68 (76.47%)
| 77.48.30.156:443 |
| 2018-09-01 23:45:05 | 41bbc2eca6cc2ca5dadfbb3145e13691 | 18/67 (26.87%)
| 37.252.8.97:443 |
| 2018-09-01 23:45:05 | 41bbc2eca6cc2ca5dadfbb3145e13691 | 18/67 (26.87%)
| 37.252.8.97:443 |
| 2018-09-01 14:35:40 | 42952ba62ccc536af3226578f338a5a0 | n/a | 77.48.30.156:443 |
| 2018-09-01 14:35:40 | 42952ba62ccc536af3226578f338a5a0 | n/a | 77.48.30.156:443 |
| 2018-09-01 00:26:37 | 29fd63e956f96d5318891a0662152519 | n/a | 77.48.30.156:443 |
| 2018-09-01 00:26:37 | 29fd63e956f96d5318891a0662152519 | n/a | 77.48.30.156:443 |
| 2018-09-01 00:14:38 | a23c4e116f9852a0b6897773e04f0388 | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-09-01 00:14:38 | a23c4e116f9852a0b6897773e04f0388 | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-08-31 18:27:51 | 4c21418604072d31f2867f10c4ba73d6 | n/a | 77.48.30.156:443 |
| 2018-08-31 18:27:51 | 4c21418604072d31f2867f10c4ba73d6 | n/a | 77.48.30.156:443 |
| 2018-08-31 15:40:01 | aa9e3bcf3add5d905ebfd3f62b6a0f3e | 60/67 (89.55%)
| 77.48.30.156:443 |
| 2018-08-31 15:40:01 | aa9e3bcf3add5d905ebfd3f62b6a0f3e | 60/67 (89.55%)
| 77.48.30.156:443 |
| 2018-08-30 22:04:30 | 3e635815daaf3f4332170f777f26904c | 46/67 (68.66%)
| 64.111.42.64:443 |
| 2018-08-30 22:04:30 | 3e635815daaf3f4332170f777f26904c | 46/67 (68.66%)
| 64.111.42.64:443 |
| 2018-08-30 19:01:22 | 7f329c708ca3ae517c3d25424b911bff | n/a | 77.48.30.156:443 |
| 2018-08-30 19:01:22 | 7f329c708ca3ae517c3d25424b911bff | n/a | 77.48.30.156:443 |
| 2018-08-30 17:41:33 | 3f250738e4727d52ce3bbfee3f76dc37 | 48/67 (71.64%)
| 37.57.144.177:443 |
| 2018-08-30 17:41:33 | 3f250738e4727d52ce3bbfee3f76dc37 | 48/67 (71.64%)
| 37.57.144.177:443 |
| 2018-08-30 15:08:42 | 2e061ddeec48be98ae4959c8395ab870 | 51/68 (75.00%)
| 37.57.144.177:443 |
| 2018-08-30 15:08:42 | 2e061ddeec48be98ae4959c8395ab870 | 51/68 (75.00%)
| 37.57.144.177:443 |
| 2018-08-30 13:25:53 | 06eef99bb40f79e2cfa78f53ff355cb6 | 47/68 (69.12%)
| 77.48.30.156:443 |
| 2018-08-30 13:25:53 | 06eef99bb40f79e2cfa78f53ff355cb6 | 47/68 (69.12%)
| 77.48.30.156:443 |
| 2018-08-30 10:24:42 | 41be0f91d7204de78aac06febc466983 | 48/68 (70.59%)
| 64.111.42.64:443 |
| 2018-08-30 10:24:42 | 41be0f91d7204de78aac06febc466983 | 48/68 (70.59%)
| 64.111.42.64:443 |
| 2018-08-29 19:09:16 | d93d8a46a65b039e4ac325e625b72e7f | 49/68 (72.06%)
| 77.48.30.156:443 |
| 2018-08-29 19:09:16 | d93d8a46a65b039e4ac325e625b72e7f | 49/68 (72.06%)
| 77.48.30.156:443 |
| 2018-08-28 17:11:26 | e8684f8eae36a7e93a87627351159d1c | 50/68 (73.53%)
| 37.57.144.177:443 |
| 2018-08-28 17:11:26 | e8684f8eae36a7e93a87627351159d1c | 50/68 (73.53%)
| 37.57.144.177:443 |
| 2018-08-28 08:48:43 | 645a54f0f32f77014154ed13b8fb59b3 | 48/68 (70.59%)
| 77.48.30.156:443 |
| 2018-08-28 08:48:43 | 645a54f0f32f77014154ed13b8fb59b3 | 48/68 (70.59%)
| 77.48.30.156:443 |
| 2018-08-27 21:54:28 | 0a6d5fa1eb87dda68b2137d1b2c57a91 | 54/68 (79.41%)
| 64.111.42.64:443 |
| 2018-08-27 21:54:28 | 0a6d5fa1eb87dda68b2137d1b2c57a91 | 54/68 (79.41%)
| 64.111.42.64:443 |
| 2018-08-27 03:00:35 | 43bd4984ee28498842db1f3f964d8196 | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-27 03:00:35 | 43bd4984ee28498842db1f3f964d8196 | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-26 21:04:25 | a393af470ea655a88bfd8444f488b118 | 45/67 (67.16%)
| 64.111.42.64:443 |
| 2018-08-26 21:04:25 | a393af470ea655a88bfd8444f488b118 | 45/67 (67.16%)
| 64.111.42.64:443 |
| 2018-08-26 12:05:22 | 3e91223303ea166ca63cae1d101f644f | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-08-26 12:05:22 | 3e91223303ea166ca63cae1d101f644f | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-08-26 07:35:24 | 6faa2ee323562d3dabeaf63e70e41193 | 47/68 (69.12%)
| 64.111.42.64:443 |
| 2018-08-26 07:35:24 | 6faa2ee323562d3dabeaf63e70e41193 | 47/68 (69.12%)
| 64.111.42.64:443 |
| 2018-08-26 06:28:49 | a06b4634070b5be72715efef579a15fe | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-26 06:28:49 | a06b4634070b5be72715efef579a15fe | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-25 22:36:37 | 1cd97719868d883ff2b029c28c529b6b | n/a | 77.48.30.156:443 |
| 2018-08-25 22:36:37 | 1cd97719868d883ff2b029c28c529b6b | n/a | 77.48.30.156:443 |
| 2018-08-24 22:58:45 | e693ec63df9cf74785b338215fd8ede2 | 49/67 (73.13%)
| 77.48.30.156:443 |
| 2018-08-24 22:58:45 | e693ec63df9cf74785b338215fd8ede2 | 49/67 (73.13%)
| 77.48.30.156:443 |
| 2018-08-23 15:26:13 | 1a1e1c1b35f93ff1027ce2b5bb932570 | 47/68 (69.12%)
| 64.111.42.64:443 |
| 2018-08-23 15:26:13 | 1a1e1c1b35f93ff1027ce2b5bb932570 | 47/68 (69.12%)
| 64.111.42.64:443 |
| 2018-08-22 21:51:46 | 44adbf06e3025a0a61285eff6da6c8b5 | n/a | 77.48.30.156:443 |
| 2018-08-22 21:51:46 | 44adbf06e3025a0a61285eff6da6c8b5 | n/a | 77.48.30.156:443 |
| 2018-08-22 06:55:25 | 8f084484aeb2d35ae70c14ed608a8829 | n/a | 77.48.30.156:443 |
| 2018-08-22 06:55:25 | 8f084484aeb2d35ae70c14ed608a8829 | n/a | 77.48.30.156:443 |
| 2018-08-21 23:03:25 | 53846913aacb2db0645167380fc3d04f | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-08-21 23:03:25 | 53846913aacb2db0645167380fc3d04f | 51/68 (75.00%)
| 77.48.30.156:443 |
| 2018-08-21 20:22:15 | 93fbb31fb01041bb02dcf9e30724ff64 | n/a | 77.48.30.156:443 |
| 2018-08-21 20:22:15 | 93fbb31fb01041bb02dcf9e30724ff64 | n/a | 77.48.30.156:443 |
| 2018-08-21 15:26:25 | 97c3f3dfd8071a5b69d4d9b01f9f065d | n/a | 77.48.30.156:443 |
| 2018-08-21 15:26:25 | 97c3f3dfd8071a5b69d4d9b01f9f065d | n/a | 77.48.30.156:443 |
| 2018-08-19 22:46:39 | b7d620496600929fed2faa377ce65860 | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-19 22:46:39 | b7d620496600929fed2faa377ce65860 | 50/68 (73.53%)
| 77.48.30.156:443 |
| 2018-08-19 10:21:45 | 744d7875e9a8f6e28bd285efa03441e7 | n/a | 37.57.144.177:443 |
| 2018-08-19 10:21:45 | 744d7875e9a8f6e28bd285efa03441e7 | n/a | 37.57.144.177:443 |
# of entries: 100 (max: 100)