JA3 Fingerprints
You can find further information about the JA3 fingerprint da949afd9bd6df820730f8f171584a71, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | da949afd9bd6df820730f8f171584a71 |
|---|---|
| First seen: | 2018-02-03 05:19:37 UTC |
| Last seen: | 2021-03-08 22:10:10 UTC |
| Status: | Blacklisted |
| Malware samples: | 231 |
| Destination IPs: | 26 |
| Malware: | Tofsee  |
| Listing date: | 2020-01-09 14:28:57 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2023-12-10 07:30:39 | b9922787936c8e2ed028b5bd652d7ee9 | n/a | 57.128.74.69:443 |
| 2023-12-10 07:30:37 | b9922787936c8e2ed028b5bd652d7ee9 | n/a | 104.16.183.69:8443 |
| 2021-03-08 22:10:10 | 0a6d0faaf9ebb396c8cbeb74a48e83ab |  39 / 71 (54.93%)
| 31.13.64.16:443 |
| 2021-03-08 22:10:10 | 0a6d0faaf9ebb396c8cbeb74a48e83ab | 39 / 71 (54.93%)
| 31.13.64.16:443 |
| 2021-03-06 05:47:37 | 776fc552da154a0f3ddcd193928903de | 46 / 69 (66.67%)
| 31.13.70.1:443 |
| 2021-03-06 05:47:37 | 776fc552da154a0f3ddcd193928903de | 46 / 69 (66.67%)
| 31.13.70.1:443 |
| 2021-02-26 23:47:56 | 02fc191f86d2af8b1f2803b42c2eac70 | 50 / 71 (70.42%)
| 157.240.201.17:443 |
| 2021-02-26 23:47:56 | 02fc191f86d2af8b1f2803b42c2eac70 | 50 / 71 (70.42%)
| 157.240.201.17:443 |
| 2021-02-26 01:08:59 | 95b0c41fbffad6344ae07dd93582c443 | 40 / 70 (57.14%)
| 69.171.250.15:443 |
| 2021-02-26 01:08:59 | 95b0c41fbffad6344ae07dd93582c443 | 40 / 70 (57.14%)
| 69.171.250.15:443 |
| 2021-02-25 00:20:04 | f551d85196beeb5945c2e48a14fdadf5 | n/a | 31.13.64.16:443 |
| 2021-02-25 00:20:04 | f551d85196beeb5945c2e48a14fdadf5 | n/a | 157.240.201.17:443 |
| 2021-02-25 00:20:04 | f551d85196beeb5945c2e48a14fdadf5 | n/a | 31.13.64.16:443 |
| 2021-02-25 00:20:04 | f551d85196beeb5945c2e48a14fdadf5 | n/a | 157.240.201.17:443 |
| 2021-02-24 09:58:36 | d248cd2d702bc7988fe9dd41a820fe0d | 42 / 70 (60.00%)
| 157.240.201.17:443 |
| 2021-02-24 09:58:36 | d248cd2d702bc7988fe9dd41a820fe0d | 42 / 70 (60.00%)
| 157.240.201.17:443 |
| 2021-02-21 05:20:43 | a0be572113313130a1b180cd2aa82358 | 54 / 70 (77.14%)
| 157.240.17.17:443 |
| 2021-02-21 05:20:43 | a0be572113313130a1b180cd2aa82358 | 54 / 70 (77.14%)
| 157.240.17.17:443 |
| 2021-02-21 04:15:35 | a20783d93c9105430e8831166bc9d807 | 50 / 71 (70.42%)
| 157.240.201.17:443 |
| 2021-02-21 04:15:35 | a20783d93c9105430e8831166bc9d807 | 50 / 71 (70.42%)
| 157.240.201.17:443 |
| 2021-02-19 20:04:48 | 69ba966bbb3726208272a4eb02b69c57 | 44 / 70 (62.86%)
| 157.240.17.17:443 |
| 2021-02-19 20:04:48 | 69ba966bbb3726208272a4eb02b69c57 | 44 / 70 (62.86%)
| 157.240.17.17:443 |
| 2021-02-07 22:13:08 | 52aae4c278ee18ab06b6c28a8eafa931 | 41 / 71 (57.75%)
| 157.240.17.17:443 |
| 2021-02-07 22:13:08 | 52aae4c278ee18ab06b6c28a8eafa931 | 41 / 71 (57.75%)
| 157.240.17.17:443 |
| 2021-02-07 21:46:24 | 1dfb214be4a2a9cebdfe9562e28c688b | 51 / 70 (72.86%)
| 69.171.250.15:443 |
| 2021-02-07 21:46:24 | 1dfb214be4a2a9cebdfe9562e28c688b | 51 / 70 (72.86%)
| 69.171.250.15:443 |
| 2021-02-07 21:20:29 | 18adf070247d55ac36a5980fb0b05d7b | 46 / 69 (66.67%)
| 157.240.17.17:443 |
| 2021-02-07 21:20:29 | 18adf070247d55ac36a5980fb0b05d7b | 46 / 69 (66.67%)
| 157.240.17.17:443 |
| 2021-02-07 21:07:42 | 05a2ee33b36f4165f20c020ef97736f1 | n/a | 157.240.17.17:443 |
| 2021-02-07 21:07:42 | 05a2ee33b36f4165f20c020ef97736f1 | n/a | 157.240.17.17:443 |
| 2021-02-06 02:43:44 | 5cbf4e70cee15ba43e807c772ff71a57 | 59 / 70 (84.29%)
| 31.13.64.16:443 |
| 2021-02-06 02:43:44 | 5cbf4e70cee15ba43e807c772ff71a57 | 59 / 70 (84.29%)
| 31.13.64.16:443 |
| 2021-02-06 02:43:43 | 5cbf4e70cee15ba43e807c772ff71a57 | 59 / 70 (84.29%)
| 157.240.201.17:443 |
| 2021-02-06 02:43:43 | 5cbf4e70cee15ba43e807c772ff71a57 | 59 / 70 (84.29%)
| 157.240.201.17:443 |
| 2021-02-02 21:01:19 | 59d54b26e82e2d012f3185ed2e03c64e | 46 / 69 (66.67%)
| 69.171.250.15:443 |
| 2021-02-02 21:01:19 | 59d54b26e82e2d012f3185ed2e03c64e | 46 / 69 (66.67%)
| 69.171.250.15:443 |
| 2021-01-28 05:08:24 | 582d1101d6e6cfe1738476bb733c5c7d | n/a | 157.240.17.17:443 |
| 2021-01-28 05:08:24 | 582d1101d6e6cfe1738476bb733c5c7d | n/a | 157.240.17.17:443 |
| 2021-01-27 23:26:00 | 2c16d67fe7e55b3db9e9086d94329110 | n/a | 185.60.216.15:443 |
| 2021-01-27 23:26:00 | 2c16d67fe7e55b3db9e9086d94329110 | n/a | 185.60.216.15:443 |
| 2021-01-27 22:05:00 | 1740be47930387f2746979dbb7300ef9 | 44 / 71 (61.97%)
| 157.240.201.17:443 |
| 2021-01-27 22:05:00 | 1740be47930387f2746979dbb7300ef9 | 44 / 71 (61.97%)
| 157.240.201.17:443 |
| 2021-01-24 23:17:20 | 4425e60bdc156c3db86b59f01d43fe79 | 29 / 69 (42.03%)
| 157.240.201.17:443 |
| 2021-01-24 23:17:20 | 4425e60bdc156c3db86b59f01d43fe79 | 29 / 69 (42.03%)
| 157.240.201.17:443 |
| 2021-01-21 00:12:37 | 216ca87235237ee6ae6d829bdcd2f4d4 | 43 / 71 (60.56%)
| 157.240.201.17:443 |
| 2021-01-21 00:12:37 | 216ca87235237ee6ae6d829bdcd2f4d4 | 43 / 71 (60.56%)
| 157.240.201.17:443 |
| 2021-01-18 22:34:32 | 6ac8f98d2c5c83e42312d931a87be340 | n/a | 157.240.17.17:443 |
| 2021-01-18 22:34:32 | 6ac8f98d2c5c83e42312d931a87be340 | n/a | 157.240.17.17:443 |
| 2021-01-18 22:13:34 | 4ef43faa3adbf8d4e3c53adde450f996 | n/a | 157.240.201.17:443 |
| 2021-01-18 22:13:34 | 4ef43faa3adbf8d4e3c53adde450f996 | n/a | 157.240.201.17:443 |
| 2021-01-18 21:56:22 | 43d7b3679f9f651008001b7d270f215f | 52 / 71 (73.24%)
| 69.171.250.15:443 |
| 2021-01-18 21:56:22 | 43d7b3679f9f651008001b7d270f215f | 52 / 71 (73.24%)
| 69.171.250.15:443 |
| 2021-01-13 22:52:41 | 707eb59213ba0521f571f8323ef227a5 | n/a | 157.240.17.17:443 |
| 2021-01-13 22:52:41 | 707eb59213ba0521f571f8323ef227a5 | n/a | 157.240.17.17:443 |
| 2021-01-12 22:20:35 | 5c9868179e3eb8462e9a0d5e12397f85 | n/a | 157.240.201.17:443 |
| 2021-01-12 22:20:35 | 5c9868179e3eb8462e9a0d5e12397f85 | n/a | 157.240.201.17:443 |
| 2021-01-12 22:20:34 | 5c9868179e3eb8462e9a0d5e12397f85 | n/a | 31.13.64.16:443 |
| 2021-01-12 22:20:34 | 5c9868179e3eb8462e9a0d5e12397f85 | n/a | 31.13.64.16:443 |
| 2021-01-12 22:15:40 | 5a73bef592342843bea78fd64a149873 | n/a | 157.240.201.17:443 |
| 2021-01-12 22:15:40 | 5a73bef592342843bea78fd64a149873 | n/a | 157.240.201.17:443 |
| 2021-01-10 20:43:31 | 6bf4a0860c22be5051f376ea26f4175c | 49 / 70 (70.00%)
| 157.240.17.17:443 |
| 2021-01-10 20:43:31 | 6bf4a0860c22be5051f376ea26f4175c | 49 / 70 (70.00%)
| 157.240.17.17:443 |
| 2021-01-10 19:29:36 | 38d821fc09f75bcd236241ac99e9d417 | n/a | 157.240.17.17:443 |
| 2021-01-10 19:29:36 | 38d821fc09f75bcd236241ac99e9d417 | n/a | 157.240.17.17:443 |
| 2020-12-30 06:27:17 | 59d0ae79c53f5636a4f56775493b1dea | 40 / 71 (56.34%)
| 69.171.250.15:443 |
| 2020-12-30 06:27:17 | 59d0ae79c53f5636a4f56775493b1dea | 40 / 71 (56.34%)
| 69.171.250.15:443 |
| 2020-12-26 16:58:49 | 2972cee58ed974fc8e02e6730f3417da | 40 / 70 (57.14%)
| 69.171.250.15:443 |
| 2020-12-26 16:58:49 | 2972cee58ed974fc8e02e6730f3417da | 40 / 70 (57.14%)
| 69.171.250.15:443 |
| 2020-12-15 01:07:03 | 1f19ae4f8277de86bd5db31572f2c2df | n/a | 69.171.250.15:443 |
| 2020-12-15 01:07:03 | 1f19ae4f8277de86bd5db31572f2c2df | n/a | 69.171.250.15:443 |
| 2020-12-06 09:52:14 | beb211923f9d8c600ded60fafbf1cad3 | n/a | 185.60.216.15:443 |
| 2020-12-06 09:52:14 | beb211923f9d8c600ded60fafbf1cad3 | n/a | 185.60.216.15:443 |
| 2020-12-04 09:08:32 | e02d605a15592184628007e0e6a378f0 | 51 / 70 (72.86%)
| 157.240.201.17:443 |
| 2020-12-04 09:08:32 | e02d605a15592184628007e0e6a378f0 | 51 / 70 (72.86%)
| 157.240.201.17:443 |
| 2020-11-26 09:31:00 | 2c6d407c29b549d0f9ac18e594657b9c | 47 / 72 (65.28%)
| 31.13.70.5:443 |
| 2020-11-26 09:31:00 | 2c6d407c29b549d0f9ac18e594657b9c | 47 / 72 (65.28%)
| 31.13.70.1:443 |
| 2020-11-26 09:31:00 | 2c6d407c29b549d0f9ac18e594657b9c | 47 / 72 (65.28%)
| 31.13.70.5:443 |
| 2020-11-26 09:31:00 | 2c6d407c29b549d0f9ac18e594657b9c | 47 / 72 (65.28%)
| 31.13.70.1:443 |
| 2020-03-29 19:14:45 | 6983ad9c106dc7b8052c63c52270266f | n/a | 52.233.189.178:443 |
| 2020-03-29 19:14:45 | 6983ad9c106dc7b8052c63c52270266f | n/a | 52.233.189.178:443 |
| 2020-03-14 16:48:03 | 1136b0aea806289da18041cb3af26aee | n/a | 52.233.189.178:443 |
| 2020-03-14 16:48:03 | 1136b0aea806289da18041cb3af26aee | n/a | 52.233.189.178:443 |
| 2020-03-04 14:40:58 | 6bc3b81c1fab85abf87e29aaf98d3712 | n/a | 52.233.189.178:443 |
| 2020-03-04 14:40:58 | 6bc3b81c1fab85abf87e29aaf98d3712 | n/a | 52.233.189.178:443 |
| 2020-02-24 15:02:10 | e914fb98bc6c4d1e6c9fddb335bfbd55 | n/a | 31.13.92.10:443 |
| 2020-02-24 15:02:10 | e914fb98bc6c4d1e6c9fddb335bfbd55 | n/a | 31.13.92.10:443 |
| 2020-02-07 07:44:15 | e9858a6d0b082cf51cfa898a5512d3c5 | n/a | 31.13.64.16:443 |
| 2020-02-07 07:44:15 | e9858a6d0b082cf51cfa898a5512d3c5 | n/a | 31.13.64.16:443 |
| 2020-01-29 19:05:29 | 73f2a9009088d6956a29c4037238e01a | n/a | 157.240.11.17:443 |
| 2020-01-29 19:05:29 | 73f2a9009088d6956a29c4037238e01a | n/a | 157.240.11.17:443 |
| 2020-01-23 15:26:59 | 228aa3226df390a5dbf602fecdf2e414 | n/a | 31.13.92.10:443 |
| 2020-01-23 15:26:59 | 228aa3226df390a5dbf602fecdf2e414 | n/a | 31.13.92.10:443 |
| 2020-01-07 02:26:08 | a49869dff1d93f0f5db1856195674ddc | n/a | 31.13.70.1:443 |
| 2020-01-07 02:26:08 | a49869dff1d93f0f5db1856195674ddc | n/a | 31.13.70.1:443 |
| 2020-01-05 21:02:51 | a9f00889009fbb4ca5328642a46567f0 | n/a | 31.13.70.1:443 |
| 2020-01-05 21:02:51 | a9f00889009fbb4ca5328642a46567f0 | n/a | 31.13.70.1:443 |
| 2019-12-30 11:15:03 | a102a979e0af9eda56cb891834290244 | 51 / 72 (70.83%)
| 31.13.64.16:443 |
| 2019-12-30 11:15:03 | a102a979e0af9eda56cb891834290244 | 51 / 72 (70.83%)
| 31.13.64.16:443 |
| 2019-12-22 17:29:58 | ad5b4ad0548e262d053406b3be0337f8 | n/a | 31.13.64.16:443 |
| 2019-12-22 17:29:58 | ad5b4ad0548e262d053406b3be0337f8 | n/a | 31.13.64.16:443 |
# of entries: 100 (max: 100)