JA3 Fingerprints

You can find further information about the JA3 fingerprint d81d654effb94714a4086734fa0adad9, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:d81d654effb94714a4086734fa0adad9
First seen:2019-07-16 23:29:02 UTC
Last seen:2020-09-21 18:40:14 UTC
Status:Blacklisted
Malware samples:759
Destination IPs:115
Malware:Tofsee -
Listing date:2020-01-09 14:27:02

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2020-09-21 18:40:1422d0478156eedc2336f51ac4bc901fc4Virustotal results 52 / 67 (77.61%) 64.233.164.95:443
2020-09-21 18:40:1422d0478156eedc2336f51ac4bc901fc4Virustotal results 52 / 67 (77.61%) 64.233.162.95:443
2020-09-21 11:32:35d929687a05828f5c3bb458d893ca6409Virustotal results 43 / 70 (61.43%) 173.194.220.95:443
2020-09-21 10:49:13d3f509413a3dbdc992676ae0ac29e571Virustotal results 52 / 67 (77.61%) 64.233.161.95:443
2020-09-20 20:10:12b385f11aef6f8c466681cccd374d3befVirustotal results 45 / 68 (66.18%) 173.194.222.95:443
2020-09-20 07:22:19a969cf2ae03b415af3776d622b16b1cfVirustotal results 57 / 68 (83.82%) 173.194.222.95:443
2020-09-20 02:52:5432169d1542f68c8d7a8b7b9c2e3f77c6Virustotal results 51 / 67 (76.12%) 64.233.162.188:5228
2020-09-20 02:52:5332169d1542f68c8d7a8b7b9c2e3f77c6Virustotal results 51 / 67 (76.12%) 64.233.164.95:443
2020-09-20 02:52:5332169d1542f68c8d7a8b7b9c2e3f77c6Virustotal results 51 / 67 (76.12%) 172.217.219.188:5228
2020-09-20 02:52:5232169d1542f68c8d7a8b7b9c2e3f77c6Virustotal results 51 / 67 (76.12%) 173.194.201.188:443
2020-09-19 07:51:2715e1c93f717b1f6467420e6b63aa4e0aVirustotal results 47 / 69 (68.12%) 64.233.161.95:443
2020-09-19 00:52:001eccd59c79d0d78b06e788930596915aVirustotal results 47 / 67 (70.15%) 64.233.165.95:443
2020-09-19 00:09:480746c5c64e614f197db6581e5934f1a9Virustotal results 57 / 67 (85.07%) 173.194.73.95:443
2020-09-18 05:36:56a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 172.217.219.188:5228
2020-09-18 05:36:55a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 64.233.177.188:5228
2020-09-18 05:36:55a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 64.233.161.188:5228
2020-09-18 05:36:55a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 64.233.162.188:5228
2020-09-18 05:36:55a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 142.250.101.188:443
2020-09-18 05:36:54a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 64.233.165.95:443
2020-09-18 05:36:54a7495f27cc8783a94b03628e0160aebfVirustotal results 29 / 68 (42.65%) 173.194.201.188:443
2020-09-18 03:38:3385708349ac5add571d697b0589a95d1an/a173.194.201.188:443
2020-09-18 03:38:3385708349ac5add571d697b0589a95d1an/a64.233.162.95:443
2020-09-18 03:38:3385708349ac5add571d697b0589a95d1an/a209.85.233.188:5228
2020-09-18 03:38:3385708349ac5add571d697b0589a95d1an/a142.250.101.188:443
2020-09-17 23:38:4825c209e6ec88aebd18b6abaed697d334Virustotal results 58 / 69 (84.06%) 173.194.73.95:443
2020-09-15 22:28:308d7286eac7dd8e05f265b8b3a7e88a06Virustotal results 42 / 69 (60.87%) 64.233.162.188:5228
2020-09-15 21:03:5757251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 142.250.28.188:443
2020-09-15 21:03:5757251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 74.125.28.188:443
2020-09-15 21:03:5657251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 64.233.161.188:5228
2020-09-15 21:03:5557251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 64.233.162.95:443
2020-09-15 21:03:5557251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 173.194.209.188:5228
2020-09-15 21:03:5557251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 173.194.73.188:5228
2020-09-15 21:03:5457251beb5c8855bb7a570323517823b4Virustotal results 42 / 68 (61.76%) 64.233.165.188:5228
2020-09-15 20:31:0251cc966a1add0cf363c86a2d901a2f38Virustotal results 52 / 69 (75.36%) 173.194.73.188:5228
2020-09-15 20:31:0251cc966a1add0cf363c86a2d901a2f38Virustotal results 52 / 69 (75.36%) 142.250.96.188:5228
2020-09-15 19:38:2914fd93aab64d4c567ca88b5c28bb8535n/a172.217.219.188:5228
2020-09-15 19:38:2914fd93aab64d4c567ca88b5c28bb8535n/a142.250.101.188:443
2020-09-15 19:38:2914fd93aab64d4c567ca88b5c28bb8535n/a64.233.161.188:5228
2020-09-15 19:38:2914fd93aab64d4c567ca88b5c28bb8535n/a74.125.28.188:443
2020-09-15 19:38:2814fd93aab64d4c567ca88b5c28bb8535n/a64.233.165.95:443
2020-09-14 23:26:39a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 108.177.97.188:443
2020-09-14 23:26:39a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 173.194.201.188:5228
2020-09-14 23:26:39a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 64.233.161.95:443
2020-09-14 23:26:39a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 64.233.165.188:5228
2020-09-14 23:26:38a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 173.194.209.188:5228
2020-09-14 23:26:38a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 142.250.101.188:443
2020-09-14 23:26:38a02488c102196adb92a86a947a65b7fcVirustotal results 33 / 67 (49.25%) 74.125.205.188:5228
2020-09-13 07:28:54ae5ea6b9e86e5d20a2baac784f868d0fVirustotal results 43 / 68 (63.24%) 142.250.96.188:5228
2020-09-13 07:28:54ae5ea6b9e86e5d20a2baac784f868d0fVirustotal results 43 / 68 (63.24%) 172.217.219.188:5228
2020-09-13 07:28:53ae5ea6b9e86e5d20a2baac784f868d0fVirustotal results 43 / 68 (63.24%) 209.85.233.188:5228
2020-09-13 07:28:53ae5ea6b9e86e5d20a2baac784f868d0fVirustotal results 43 / 68 (63.24%) 173.194.209.188:5228
2020-09-13 06:00:59ac62c5a952ceeb4619a43da53a594a98Virustotal results 35 / 63 (55.56%) 142.250.101.188:443
2020-09-13 06:00:59ac62c5a952ceeb4619a43da53a594a98Virustotal results 35 / 63 (55.56%) 173.194.220.188:5228
2020-09-13 06:00:59ac62c5a952ceeb4619a43da53a594a98Virustotal results 35 / 63 (55.56%) 74.125.28.188:443
2020-09-13 06:00:58ac62c5a952ceeb4619a43da53a594a98Virustotal results 35 / 63 (55.56%) 64.233.162.188:5228
2020-09-13 01:55:02a5d74ff4edb8695fac66500947ba8e7dn/a173.194.222.188:5228
2020-09-13 01:55:01a5d74ff4edb8695fac66500947ba8e7dn/a173.194.201.188:443
2020-09-13 01:55:01a5d74ff4edb8695fac66500947ba8e7dn/a64.233.165.188:5228
2020-09-13 01:55:01a5d74ff4edb8695fac66500947ba8e7dn/a64.233.177.188:5228
2020-09-13 01:55:01a5d74ff4edb8695fac66500947ba8e7dn/a209.85.233.95:443
2020-09-13 01:55:01a5d74ff4edb8695fac66500947ba8e7dn/a173.194.221.188:5228
2020-09-12 23:12:27a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 173.194.73.188:5228
2020-09-12 23:12:27a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 64.233.162.188:5228
2020-09-12 23:12:26a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 74.125.205.188:5228
2020-09-12 23:12:26a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 64.233.177.188:5228
2020-09-12 23:12:25a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 64.233.164.95:443
2020-09-12 23:12:25a1fececf74d64d08bc4093349ab787cdVirustotal results 45 / 70 (64.29%) 74.125.28.188:443
2020-09-12 16:22:31b1148522506ea57b5140ed4cec256368n/a64.233.177.188:5228
2020-09-12 16:22:31b1148522506ea57b5140ed4cec256368n/a173.194.222.95:443
2020-09-12 16:22:30b1148522506ea57b5140ed4cec256368n/a64.233.165.188:5228
2020-09-12 02:32:17a65cf37a9b90aeb237e50c5f6044aaafn/a173.194.201.188:443
2020-09-12 02:32:17a65cf37a9b90aeb237e50c5f6044aaafn/a64.233.164.188:5228
2020-09-12 02:32:16a65cf37a9b90aeb237e50c5f6044aaafn/a173.194.220.95:443
2020-09-12 02:32:16a65cf37a9b90aeb237e50c5f6044aaafn/a173.194.222.188:5228
2020-09-12 02:32:16a65cf37a9b90aeb237e50c5f6044aaafn/a173.194.221.188:5228
2020-09-12 02:32:16a65cf37a9b90aeb237e50c5f6044aaafn/a64.233.177.188:5228
2020-09-12 02:32:16a65cf37a9b90aeb237e50c5f6044aaafn/a173.194.209.188:5228
2020-09-11 21:45:46a2be96aa4382f3695db42c8fb6a5b41fVirustotal results 53 / 69 (76.81%) 142.250.96.188:5228
2020-09-11 21:45:46a2be96aa4382f3695db42c8fb6a5b41fVirustotal results 53 / 69 (76.81%) 209.85.233.188:5228
2020-09-10 20:35:48ac06b80579892816f72860b24a1bfbfbVirustotal results 50 / 66 (75.76%) 64.233.161.188:5228
2020-09-07 06:21:30a138f6e816be6b3facc06a4f70fc65dfVirustotal results 55 / 70 (78.57%) 209.85.233.188:5228
2020-09-07 06:00:5558941ec296eb1a0c5f102dd2aa32bb95n/a74.125.28.188:443
2020-09-07 06:00:5558941ec296eb1a0c5f102dd2aa32bb95n/a64.233.162.188:5228
2020-09-06 22:06:136d1275a2a7371d6547048e7abc9dccb7Virustotal results 56 / 68 (82.35%) 64.233.162.95:443
2020-09-06 22:06:126d1275a2a7371d6547048e7abc9dccb7Virustotal results 56 / 68 (82.35%) 142.250.96.188:5228
2020-09-06 22:06:126d1275a2a7371d6547048e7abc9dccb7Virustotal results 56 / 68 (82.35%) 64.233.162.188:5228
2020-09-06 22:06:126d1275a2a7371d6547048e7abc9dccb7Virustotal results 56 / 68 (82.35%) 64.233.161.188:5228
2020-09-06 22:06:126d1275a2a7371d6547048e7abc9dccb7Virustotal results 56 / 68 (82.35%) 173.194.201.188:443
2020-09-06 16:15:1444401bab64b93a16fb2871e1666f03edVirustotal results 47 / 74 (63.51%) 64.233.165.188:5228
2020-09-06 16:15:1444401bab64b93a16fb2871e1666f03edVirustotal results 47 / 74 (63.51%) 142.250.96.188:5228
2020-09-06 16:15:1444401bab64b93a16fb2871e1666f03edVirustotal results 47 / 74 (63.51%) 173.194.222.95:443
2020-09-06 16:15:1344401bab64b93a16fb2871e1666f03edVirustotal results 47 / 74 (63.51%) 74.125.205.188:5228
2020-08-30 20:22:01404c1523c56001e0d68664c09a94f603Virustotal results 49 / 69 (71.01%) 173.194.201.188:443
2020-08-30 20:22:00404c1523c56001e0d68664c09a94f603Virustotal results 49 / 69 (71.01%) 64.233.161.188:5228
2020-08-30 16:45:07a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 64.233.165.188:5228
2020-08-30 16:45:07a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 64.233.162.188:5228
2020-08-30 16:45:06a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 173.194.209.188:5228
2020-08-30 16:45:06a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 172.217.219.188:5228
2020-08-30 16:45:06a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 108.177.97.188:443
2020-08-30 16:45:06a67377174cfbc777c264bbb64baf2434Virustotal results 43 / 67 (64.18%) 142.250.101.188:443

# of entries: 100 (max: 100)