JA3 Fingerprints

You can find further information about the JA3 fingerprint d7150af4514b868defb854db0f62a441, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:d7150af4514b868defb854db0f62a441
First seen:2017-07-23 09:39:24 UTC
Last seen:2018-07-24 01:04:58 UTC
Status:Blacklisted
Malware samples:82
Destination IPs:10
Malware:Tofsee -
Listing date:2018-11-14 12:42:02

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2018-07-24 01:04:58bb1ef3cfc6ed06a5467abb5ab0543566Virustotal results 29/67 (43.28%) 104.23.128.76:443
2018-07-24 01:04:58bb1ef3cfc6ed06a5467abb5ab0543566Virustotal results 29/67 (43.28%) 104.23.128.76:443
2018-04-17 11:20:5888832aed6a9f830b742d219b2d986a67Virustotal results 57/67 (85.07%) 104.23.129.76:443
2018-04-17 11:20:5888832aed6a9f830b742d219b2d986a67Virustotal results 57/67 (85.07%) 104.23.129.76:443
2018-04-16 00:30:58fe16931fc9a7c3a9c5fdcabd1d8f5f4bVirustotal results 47/67 (70.15%) 104.23.129.76:443
2018-04-16 00:30:58fe16931fc9a7c3a9c5fdcabd1d8f5f4bVirustotal results 47/67 (70.15%) 104.23.129.76:443
2018-04-15 18:42:37e594c61c57f65f42a2b9499741fcd1e2Virustotal results 46/66 (69.70%) 104.23.129.76:443
2018-04-15 18:42:37e594c61c57f65f42a2b9499741fcd1e2Virustotal results 46/66 (69.70%) 104.23.129.76:443
2018-04-14 18:05:56700c43f9e41e479dc1a29405a9ac81dbVirustotal results 58/67 (86.57%) 104.23.128.76:443
2018-04-14 18:05:56700c43f9e41e479dc1a29405a9ac81dbVirustotal results 58/67 (86.57%) 104.23.128.76:443
2018-04-14 14:30:5625e8f37cc18bc29ebb44146863807f48Virustotal results 52/65 (80.00%) 104.23.128.76:443
2018-04-14 14:30:5625e8f37cc18bc29ebb44146863807f48Virustotal results 52/65 (80.00%) 104.23.128.76:443
2018-04-14 05:53:245bdfecf6149389541b4fdf7df04fd51bVirustotal results 46/66 (69.70%) 104.23.129.76:443
2018-04-14 05:53:245bdfecf6149389541b4fdf7df04fd51bVirustotal results 46/66 (69.70%) 104.23.129.76:443
2018-04-14 02:50:02825b3fcc446ae58e72f4dbd8920464cbVirustotal results 46/67 (68.66%) 104.23.128.76:443
2018-04-14 02:50:02825b3fcc446ae58e72f4dbd8920464cbVirustotal results 46/67 (68.66%) 104.23.128.76:443
2018-04-13 23:35:37a9af0834a4f77c8c11f875913292ec96Virustotal results 44/68 (64.71%) 104.23.129.76:443
2018-04-13 23:35:37a9af0834a4f77c8c11f875913292ec96Virustotal results 44/68 (64.71%) 104.23.129.76:443
2018-04-13 11:01:187c06a85fbdf33477ac2458c957e056afVirustotal results 37/66 (56.06%) 104.23.128.76:443
2018-04-13 11:01:187c06a85fbdf33477ac2458c957e056afVirustotal results 37/66 (56.06%) 104.23.128.76:443
2018-04-13 10:43:56ef0ebbb6e7b32dbff9e7f2ed5d1015e0Virustotal results 43/66 (65.15%) 104.23.128.76:443
2018-04-13 10:43:56ef0ebbb6e7b32dbff9e7f2ed5d1015e0Virustotal results 43/66 (65.15%) 104.23.128.76:443
2018-04-13 09:57:385c6c0ca99075b3f53bae22b965d6682bVirustotal results 55/67 (82.09%) 104.23.128.76:443
2018-04-13 09:57:385c6c0ca99075b3f53bae22b965d6682bVirustotal results 55/67 (82.09%) 104.23.128.76:443
2018-04-13 08:25:43348574c4f47fcb0398b6dffd229da6ceVirustotal results 47/67 (70.15%) 104.23.129.76:443
2018-04-13 08:25:43348574c4f47fcb0398b6dffd229da6ceVirustotal results 47/67 (70.15%) 104.23.129.76:443
2018-04-13 05:28:2214587f387748738734bea6b4eb73e829Virustotal results 22/66 (33.33%) 104.23.129.76:443
2018-04-13 05:28:2214587f387748738734bea6b4eb73e829Virustotal results 22/66 (33.33%) 104.23.129.76:443
2018-04-13 05:06:09c11f880793ec7e81e9a37c4527eceb36Virustotal results 48/67 (71.64%) 104.23.129.76:443
2018-04-13 05:06:09c11f880793ec7e81e9a37c4527eceb36Virustotal results 48/67 (71.64%) 104.23.129.76:443
2018-04-13 04:28:138af56a3108bc25a74ffc632a52668295Virustotal results 40/66 (60.61%) 104.23.128.76:443
2018-04-13 04:28:138af56a3108bc25a74ffc632a52668295Virustotal results 40/66 (60.61%) 104.23.129.76:443
2018-04-13 04:28:138af56a3108bc25a74ffc632a52668295Virustotal results 40/66 (60.61%) 104.23.128.76:443
2018-04-13 04:28:138af56a3108bc25a74ffc632a52668295Virustotal results 40/66 (60.61%) 104.23.129.76:443
2018-04-12 15:25:222d5f05136ee3a2e439aa0001a5229df6Virustotal results 55/66 (83.33%) 104.23.128.76:443
2018-04-12 15:25:222d5f05136ee3a2e439aa0001a5229df6Virustotal results 55/66 (83.33%) 104.23.128.76:443
2018-04-12 13:12:37b86ac124469b5440dcb9f39effb92fe3Virustotal results 51/68 (75.00%) 104.23.128.76:443
2018-04-12 13:12:37b86ac124469b5440dcb9f39effb92fe3Virustotal results 51/68 (75.00%) 104.23.128.76:443
2018-04-12 10:52:25d45b565e966b1af01c5b6a1941d5f221Virustotal results 47/68 (69.12%) 104.23.128.76:443
2018-04-12 10:52:25d45b565e966b1af01c5b6a1941d5f221Virustotal results 47/68 (69.12%) 104.23.128.76:443
2018-04-12 10:38:198a744de2f3f06242f7d46169070674c3Virustotal results 45/67 (67.16%) 104.23.129.76:443
2018-04-12 10:38:198a744de2f3f06242f7d46169070674c3Virustotal results 45/67 (67.16%) 104.23.129.76:443
2018-04-12 09:07:37b4e92556b01e5f6375ef2df611fe1035Virustotal results 40/67 (59.70%) 104.23.129.76:443
2018-04-12 09:07:37b4e92556b01e5f6375ef2df611fe1035Virustotal results 40/67 (59.70%) 104.23.129.76:443
2018-04-12 07:54:26b98d69200efc7e25d9ac374d784eabf3Virustotal results 49/68 (72.06%) 104.23.129.76:443
2018-04-12 07:54:26b98d69200efc7e25d9ac374d784eabf3Virustotal results 49/68 (72.06%) 104.23.129.76:443
2018-04-12 02:40:201a46aefe7c52e3ec254e483d7fcd1a87Virustotal results 43/67 (64.18%) 104.23.129.76:443
2018-04-12 02:40:201a46aefe7c52e3ec254e483d7fcd1a87Virustotal results 43/67 (64.18%) 104.23.129.76:443
2018-04-11 19:53:06fc9502e2ad515748fb3a5b6d563c4131Virustotal results 47/66 (71.21%) 104.23.128.76:443
2018-04-11 19:53:06fc9502e2ad515748fb3a5b6d563c4131Virustotal results 47/66 (71.21%) 104.23.128.76:443
2018-04-11 18:58:10029951d316f148f9505cfdd19521a001Virustotal results 40/67 (59.70%) 104.23.128.76:443
2018-04-11 18:58:10029951d316f148f9505cfdd19521a001Virustotal results 40/67 (59.70%) 104.23.128.76:443
2018-04-11 15:49:58c58f378003b3fad4b6da5f9b661134e7Virustotal results 19/68 (27.94%) 104.23.129.76:443
2018-04-11 15:49:58c58f378003b3fad4b6da5f9b661134e7Virustotal results 19/68 (27.94%) 104.23.129.76:443
2018-04-11 14:50:3651623a66de974b06cdde948f05dda67aVirustotal results 47/67 (70.15%) 104.23.128.76:443
2018-04-11 14:50:3651623a66de974b06cdde948f05dda67aVirustotal results 47/67 (70.15%) 104.23.128.76:443
2018-04-11 14:32:31794b4f33dd2096959ec0835288a08c55n/a104.23.129.76:443
2018-04-11 14:32:31794b4f33dd2096959ec0835288a08c55n/a104.23.129.76:443
2018-04-11 12:59:4499c2680935ca9d170cd88155d14f8962n/a104.23.128.76:443
2018-04-11 12:59:4499c2680935ca9d170cd88155d14f8962n/a104.23.128.76:443
2018-04-11 12:16:07577a1305616b251fa7561e07b50e2806n/a104.23.128.76:443
2018-04-11 12:16:07577a1305616b251fa7561e07b50e2806n/a104.23.128.76:443
2018-04-11 07:01:41dacd8a1b58e5551f05977514ce9a2fe6n/a104.23.128.76:443
2018-04-11 07:01:41dacd8a1b58e5551f05977514ce9a2fe6n/a104.23.128.76:443
2018-04-11 06:55:453f6d6a78d9e3275529eb1141c97e1d41n/a104.23.129.76:443
2018-04-11 06:55:453f6d6a78d9e3275529eb1141c97e1d41n/a104.23.129.76:443
2018-04-11 05:08:30704f823717c19c07666a464057d11a92Virustotal results 17/67 (25.37%) 104.23.129.76:443
2018-04-11 05:08:30704f823717c19c07666a464057d11a92Virustotal results 17/67 (25.37%) 104.23.129.76:443
2018-04-11 02:30:10b1f4e5d19906459c0dbc441c34b45d18Virustotal results 49/68 (72.06%) 104.23.129.76:443
2018-04-11 02:30:10b1f4e5d19906459c0dbc441c34b45d18Virustotal results 49/68 (72.06%) 104.23.129.76:443
2018-04-11 02:01:34ef3fa6848f894ab02664b43b1f6606beVirustotal results 49/68 (72.06%) 104.23.128.76:443
2018-04-11 02:01:34ef3fa6848f894ab02664b43b1f6606beVirustotal results 49/68 (72.06%) 104.23.128.76:443
2018-04-10 15:47:15d024a52c3ecf5bf5fbecaefc15ecc946Virustotal results 47/66 (71.21%) 104.23.129.76:443
2018-04-10 15:47:15d024a52c3ecf5bf5fbecaefc15ecc946Virustotal results 47/66 (71.21%) 104.23.129.76:443
2018-04-10 12:48:03b107e700cf8e8a69e5975390efa3fe85Virustotal results 33/67 (49.25%) 104.23.128.76:443
2018-04-10 12:48:03b107e700cf8e8a69e5975390efa3fe85Virustotal results 33/67 (49.25%) 104.23.128.76:443
2018-04-10 09:38:32d0c6826d2574f903451c2179ba991b19Virustotal results 44/67 (65.67%) 104.23.129.76:443
2018-04-10 09:38:32d0c6826d2574f903451c2179ba991b19Virustotal results 44/67 (65.67%) 104.23.129.76:443
2018-04-10 04:46:430e8d0549c9226fe387887238aecd8901Virustotal results 39/66 (59.09%) 104.23.128.76:443
2018-04-10 04:46:430e8d0549c9226fe387887238aecd8901Virustotal results 39/66 (59.09%) 104.23.128.76:443
2018-04-10 02:00:235c3550574945d7427da9457aeb98d9acVirustotal results 36/66 (54.55%) 104.23.128.76:443
2018-04-10 02:00:235c3550574945d7427da9457aeb98d9acVirustotal results 36/66 (54.55%) 104.23.128.76:443
2018-04-09 22:06:049681eaddffd63b1361cf0e0710c977b0Virustotal results 55/67 (82.09%) 104.23.128.76:443
2018-04-09 22:06:049681eaddffd63b1361cf0e0710c977b0Virustotal results 55/67 (82.09%) 104.23.128.76:443
2018-04-09 21:04:1720f0a425d4dd52db90681cfa88eb2841Virustotal results 54/67 (80.60%) 104.23.129.76:443
2018-04-09 21:04:1720f0a425d4dd52db90681cfa88eb2841Virustotal results 54/67 (80.60%) 104.23.129.76:443
2018-04-09 18:52:57f4f2c599528e6e5f3753aabd87724943Virustotal results 49/67 (73.13%) 104.23.129.76:443
2018-04-09 18:52:57f4f2c599528e6e5f3753aabd87724943Virustotal results 49/67 (73.13%) 104.23.129.76:443
2018-04-09 13:09:07fdc0cfc5c111ab955f45e40f7eb206f6n/a104.23.128.76:443
2018-04-09 13:09:07fdc0cfc5c111ab955f45e40f7eb206f6n/a104.23.128.76:443
2018-04-09 11:00:1599b207f572f0ee4d56fa429d1eed49e9Virustotal results 48/67 (71.64%) 104.23.128.76:443
2018-04-09 11:00:1599b207f572f0ee4d56fa429d1eed49e9Virustotal results 48/67 (71.64%) 104.23.128.76:443
2018-04-08 07:35:3835483fcb8e866fb79ae85aadae158f1eVirustotal results 43/67 (64.18%) 104.23.128.76:443
2018-04-08 07:35:3835483fcb8e866fb79ae85aadae158f1eVirustotal results 43/67 (64.18%) 104.23.128.76:443
2018-04-08 07:00:063d4f7c39621940eda0515979d17cc2e0Virustotal results 37/65 (56.92%) 104.23.129.76:443
2018-04-08 07:00:063d4f7c39621940eda0515979d17cc2e0Virustotal results 37/65 (56.92%) 104.23.129.76:443
2018-04-08 03:03:406e84f0904c7eade76a95311d2f7ecfe2Virustotal results 45/68 (66.18%) 104.23.129.76:443
2018-04-08 03:03:406e84f0904c7eade76a95311d2f7ecfe2Virustotal results 45/68 (66.18%) 104.23.129.76:443
2018-04-08 02:25:0138c2f3074be6b7e30580fed9fa3cd75eVirustotal results 47/68 (69.12%) 104.23.128.76:443
2018-04-08 02:25:0138c2f3074be6b7e30580fed9fa3cd75eVirustotal results 47/68 (69.12%) 104.23.128.76:443

# of entries: 100 (max: 100)