JA3 Fingerprints

You can find further information about the JA3 fingerprint d76ee64fb7273733cbe455ac81c292e6, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:d76ee64fb7273733cbe455ac81c292e6
First seen:2018-11-16 13:26:39 UTC
Last seen:2018-11-18 19:19:36 UTC
Status:Blacklisted
Malware samples:2
Destination IPs:2
Malware:Tofsee -
Listing date:2018-11-19 11:34:25

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2018-11-18 19:19:36bc95c3f699cea00f31cc288e669d9bd3Virustotal results 18/67 (26.87%) 159.53.52.227:443
2018-11-18 19:19:36bc95c3f699cea00f31cc288e669d9bd3Virustotal results 18/67 (26.87%) 159.53.52.227:443
2018-11-16 13:26:400d0e3832ff519b3ce734f8f122debcf4Virustotal results 27/67 (40.30%) 159.53.116.245:443
2018-11-16 13:26:400d0e3832ff519b3ce734f8f122debcf4Virustotal results 27/67 (40.30%) 159.53.116.245:443

# of entries: 4 (max: 100)