JA3 Fingerprints
You can find further information about the JA3 fingerprint df5c30e670dba99f9270ed36060cf054, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | df5c30e670dba99f9270ed36060cf054 |
|---|---|
| First seen: | 2017-07-20 17:44:07 UTC |
| Last seen: | 2018-04-11 15:57:59 UTC |
| Status: | Blacklisted |
| Malware samples: | 72 |
| Destination IPs: | 23 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:41:48 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2018-04-11 15:57:59 | d3ad89a56c6c2f01cd118766e0953de0 |  38/67 (56.72%)
| 136.243.102.167:443 |
| 2018-04-11 15:57:59 | d3ad89a56c6c2f01cd118766e0953de0 | 38/67 (56.72%)
| 136.243.102.167:443 |
| 2018-04-10 23:43:23 | e4dfbbef6ba6882ac2f58396d26d66e6 | 14/67 (20.90%)
| 136.243.102.154:443 |
| 2018-04-10 23:43:23 | e4dfbbef6ba6882ac2f58396d26d66e6 | 14/67 (20.90%)
| 136.243.102.154:443 |
| 2018-02-08 21:57:40 | b4dba2e2abaa3fd8065efa1bc81ee789 | 43/68 (63.24%)
| 2.19.77.81:443 |
| 2018-02-08 21:57:40 | b4dba2e2abaa3fd8065efa1bc81ee789 | 43/68 (63.24%)
| 2.19.77.81:443 |
| 2018-02-02 17:59:07 | d9a7d58c32a653804fd07eb9dbd0a525 | 25/67 (37.31%)
| 136.243.102.154:443 |
| 2018-02-02 17:59:07 | d9a7d58c32a653804fd07eb9dbd0a525 | 25/67 (37.31%)
| 136.243.102.154:443 |
| 2018-01-31 19:14:29 | 06c50214a4969953230ba3bca68c24a8 | 34/66 (51.52%)
| 88.99.142.163:443 |
| 2018-01-31 19:14:29 | 06c50214a4969953230ba3bca68c24a8 | 34/66 (51.52%)
| 88.99.142.163:443 |
| 2018-01-28 10:59:13 | 1c1eca06b5120575b5ffc88563cf6d4b | 40/66 (60.61%)
| 88.99.142.163:443 |
| 2018-01-28 10:59:13 | 1c1eca06b5120575b5ffc88563cf6d4b | 40/66 (60.61%)
| 88.99.142.163:443 |
| 2018-01-28 08:53:31 | 1529ad484ef9b2988e9a2d87b5db271c | 11/64 (17.19%)
| 136.243.102.167:443 |
| 2018-01-28 08:53:31 | 1529ad484ef9b2988e9a2d87b5db271c | 11/64 (17.19%)
| 136.243.102.167:443 |
| 2018-01-27 23:22:27 | e5e68b77b689ffb31743f444af38bdb0 | 29/65 (44.62%)
| 136.243.102.154:443 |
| 2018-01-27 23:22:27 | e5e68b77b689ffb31743f444af38bdb0 | 29/65 (44.62%)
| 136.243.102.154:443 |
| 2018-01-26 11:49:42 | a0d0bb16e6be75344535c318ff43243d | 16/65 (24.62%)
| 94.130.143.162:443 |
| 2018-01-26 11:49:42 | a0d0bb16e6be75344535c318ff43243d | 16/65 (24.62%)
| 94.130.143.162:443 |
| 2018-01-25 18:03:02 | d20a434c4623389a6badc01392962d22 | 21/66 (31.82%)
| 88.99.142.163:443 |
| 2018-01-25 18:03:02 | d20a434c4623389a6badc01392962d22 | 21/66 (31.82%)
| 88.99.142.163:443 |
| 2018-01-25 05:31:22 | ed1f71cf6b771ba7246059b253684c03 | 26/67 (38.81%)
| 136.243.102.154:443 |
| 2018-01-25 05:31:22 | ed1f71cf6b771ba7246059b253684c03 | 26/67 (38.81%)
| 136.243.102.154:443 |
| 2018-01-22 19:26:32 | fcb0198de66ed257c0b4e2cc6be0427b | 16/66 (24.24%)
| 88.99.142.163:443 |
| 2018-01-22 19:26:32 | fcb0198de66ed257c0b4e2cc6be0427b | 16/66 (24.24%)
| 88.99.142.163:443 |
| 2018-01-22 05:51:49 | 4b8ad84fe0d107036e2d4ed84c77408b | 23/66 (34.85%)
| 136.243.102.154:443 |
| 2018-01-22 05:51:49 | 4b8ad84fe0d107036e2d4ed84c77408b | 23/66 (34.85%)
| 136.243.102.154:443 |
| 2018-01-19 06:19:44 | f84bf49eab7ece9b4686a629025b2ac4 | 36/67 (53.73%)
| 94.130.143.162:443 |
| 2018-01-19 06:19:44 | f84bf49eab7ece9b4686a629025b2ac4 | 36/67 (53.73%)
| 94.130.143.162:443 |
| 2018-01-09 20:02:21 | f000a0a8ed40c8a24a2ff81442a519f2 | 28/68 (41.18%)
| 136.243.102.154:443 |
| 2018-01-09 20:02:21 | f000a0a8ed40c8a24a2ff81442a519f2 | 28/68 (41.18%)
| 136.243.102.154:443 |
| 2018-01-07 05:23:26 | e1002b684f3e12a614fddd04d26c8c3c | 20/68 (29.41%)
| 88.99.142.163:443 |
| 2018-01-07 05:23:26 | e1002b684f3e12a614fddd04d26c8c3c | 20/68 (29.41%)
| 88.99.142.163:443 |
| 2017-12-11 10:47:50 | 2d852e408fd5638085162842af04cf3d | 14/68 (20.59%)
| 104.25.50.101:443 |
| 2017-12-11 10:47:50 | 2d852e408fd5638085162842af04cf3d | 14/68 (20.59%)
| 104.25.50.101:443 |
| 2017-11-27 20:25:29 | 70516841168f00862d7069732563d5d5 | 45/68 (66.18%)
| 104.25.50.101:443 |
| 2017-11-27 20:25:29 | 70516841168f00862d7069732563d5d5 | 45/68 (66.18%)
| 104.25.50.101:443 |
| 2017-11-23 07:42:59 | d89acfa4fe201c6475f2cd8928060867 | 42/67 (62.69%)
| 2.17.227.183:443 |
| 2017-11-23 07:42:59 | d89acfa4fe201c6475f2cd8928060867 | 42/67 (62.69%)
| 2.17.227.183:443 |
| 2017-11-14 03:43:22 | 65a7ec07a87f60705f47491db930e61c | 9/68 (13.24%)
| 104.25.49.101:443 |
| 2017-11-14 03:43:22 | 65a7ec07a87f60705f47491db930e61c | 9/68 (13.24%)
| 104.25.49.101:443 |
| 2017-11-14 02:34:08 | 6f6c6600531dfe15428ea47180e1ffa7 | 28/68 (41.18%)
| 104.25.50.101:443 |
| 2017-11-14 02:34:08 | 6f6c6600531dfe15428ea47180e1ffa7 | 28/68 (41.18%)
| 104.25.50.101:443 |
| 2017-11-13 13:05:03 | c5259f658191061d01f699af9fcee95e | 14/68 (20.59%)
| 104.25.50.101:443 |
| 2017-11-13 13:05:03 | c5259f658191061d01f699af9fcee95e | 14/68 (20.59%)
| 104.25.50.101:443 |
| 2017-11-13 13:04:34 | fdc5f21287145d0623a0bc3336f0a860 | 40/64 (62.50%)
| 104.25.49.101:443 |
| 2017-11-13 13:04:34 | fdc5f21287145d0623a0bc3336f0a860 | 40/64 (62.50%)
| 104.25.49.101:443 |
| 2017-11-13 09:53:20 | 3d3073713a4d00477a4bb5c5663a266c | 31/67 (46.27%)
| 104.25.49.101:443 |
| 2017-11-13 09:53:20 | 3d3073713a4d00477a4bb5c5663a266c | 31/67 (46.27%)
| 104.25.49.101:443 |
| 2017-11-13 08:19:18 | 696084e07c70ff92dac6209ecfbfe09f | 20/68 (29.41%)
| 104.25.49.101:443 |
| 2017-11-13 08:19:18 | 696084e07c70ff92dac6209ecfbfe09f | 20/68 (29.41%)
| 104.25.49.101:443 |
| 2017-11-07 20:06:14 | 4e88ed99630e0153553ca0883e3158cb | 14/68 (20.59%)
| 23.43.120.11:443 |
| 2017-11-07 20:06:14 | 4e88ed99630e0153553ca0883e3158cb | 14/68 (20.59%)
| 23.43.120.11:443 |
| 2017-10-30 07:55:07 | bee7480ef9a4f36cd1c01b3708c7493b | 16/67 (23.88%)
| 23.201.250.90:443 |
| 2017-10-30 07:55:07 | bee7480ef9a4f36cd1c01b3708c7493b | 16/67 (23.88%)
| 23.201.250.90:443 |
| 2017-10-30 06:41:57 | f867893568fa7dab3fafa861f528c737 | 38/67 (56.72%)
| 92.122.65.18:443 |
| 2017-10-30 06:41:57 | f867893568fa7dab3fafa861f528c737 | 38/67 (56.72%)
| 92.122.65.18:443 |
| 2017-10-06 15:13:23 | 07e7aaa178803206b6733581a392fdbc | 41/66 (62.12%)
| 184.86.225.137:443 |
| 2017-10-06 15:13:23 | 07e7aaa178803206b6733581a392fdbc | 41/66 (62.12%)
| 184.86.225.137:443 |
| 2017-10-05 17:14:10 | 28ccbfc435d07801929b17e8e3544d75 | 31/66 (46.97%)
| 184.86.225.137:443 |
| 2017-10-05 17:14:10 | 28ccbfc435d07801929b17e8e3544d75 | 31/66 (46.97%)
| 184.86.225.137:443 |
| 2017-09-29 07:21:30 | a0bdb6e9fe96ed131ad9411b815c2519 | 23/65 (35.38%)
| 104.124.128.162:443 |
| 2017-09-29 07:21:30 | a0bdb6e9fe96ed131ad9411b815c2519 | 23/65 (35.38%)
| 104.124.128.162:443 |
| 2017-09-26 17:45:57 | a1e0d7039a14a13505dbc7553e0024c1 | 27/65 (41.54%)
| 104.124.128.162:443 |
| 2017-09-26 17:45:57 | a1e0d7039a14a13505dbc7553e0024c1 | 27/65 (41.54%)
| 104.124.128.162:443 |
| 2017-09-26 16:07:13 | 585c5240556fed7386bca11084f1bf27 | 43/66 (65.15%)
| 104.124.128.162:443 |
| 2017-09-26 16:07:13 | 585c5240556fed7386bca11084f1bf27 | 43/66 (65.15%)
| 104.124.128.162:443 |
| 2017-09-25 16:45:10 | 9fda0bf0ddab9fdc7f34bea60b7bbadf | n/a | 104.124.128.162:443 |
| 2017-09-25 16:45:10 | 9fda0bf0ddab9fdc7f34bea60b7bbadf | n/a | 104.124.128.162:443 |
| 2017-09-25 14:17:57 | bfde71425d2d22eb7b4a8be143f40f95 | 30/64 (46.88%)
| 104.124.128.162:443 |
| 2017-09-25 14:17:57 | bfde71425d2d22eb7b4a8be143f40f95 | 30/64 (46.88%)
| 104.124.128.162:443 |
| 2017-09-25 14:17:56 | 196fc3b5861a607f838a37aa3d42e1b7 | 52/66 (78.79%)
| 104.124.128.162:443 |
| 2017-09-25 14:17:56 | 196fc3b5861a607f838a37aa3d42e1b7 | 52/66 (78.79%)
| 104.124.128.162:443 |
| 2017-09-25 14:15:26 | 06ba0ea8063ca50aae2d8468ba9ad058 | 39/66 (59.09%)
| 104.124.128.162:443 |
| 2017-09-25 14:15:26 | 06ba0ea8063ca50aae2d8468ba9ad058 | 39/66 (59.09%)
| 104.124.128.162:443 |
| 2017-09-25 14:09:05 | 4df49372d195f604caa6da3a7c2646e9 | 45/64 (70.31%)
| 104.124.128.162:443 |
| 2017-09-25 14:09:05 | 4df49372d195f604caa6da3a7c2646e9 | 45/64 (70.31%)
| 104.124.128.162:443 |
| 2017-09-25 14:02:58 | 7d298e7e13228e0915cef89ba27ed848 | n/a | 104.124.128.162:443 |
| 2017-09-25 14:02:58 | 7d298e7e13228e0915cef89ba27ed848 | n/a | 104.124.128.162:443 |
| 2017-09-25 14:01:51 | 4e4b4c7f74ff434d7aa8f440cb55ee09 | n/a | 104.124.128.162:443 |
| 2017-09-25 14:01:51 | 4e4b4c7f74ff434d7aa8f440cb55ee09 | n/a | 104.124.128.162:443 |
| 2017-09-25 02:48:43 | 5b713333699bc039ed1dce9b42c97267 | n/a | 104.124.128.162:443 |
| 2017-09-25 02:48:43 | 5b713333699bc039ed1dce9b42c97267 | n/a | 104.124.128.162:443 |
| 2017-09-24 13:40:58 | 24e89362241a2cd5d010d52ad844af4d | 38/65 (58.46%)
| 104.124.128.162:443 |
| 2017-09-24 13:40:58 | 24e89362241a2cd5d010d52ad844af4d | 38/65 (58.46%)
| 104.124.128.162:443 |
| 2017-09-24 09:54:24 | defb62f72f12a536c311a7d39f576f8a | 31/64 (48.44%)
| 104.124.128.162:443 |
| 2017-09-24 09:54:24 | defb62f72f12a536c311a7d39f576f8a | 31/64 (48.44%)
| 23.43.120.11:443 |
| 2017-09-24 09:54:24 | defb62f72f12a536c311a7d39f576f8a | 31/64 (48.44%)
| 104.124.128.162:443 |
| 2017-09-24 09:54:24 | defb62f72f12a536c311a7d39f576f8a | 31/64 (48.44%)
| 23.43.120.11:443 |
| 2017-09-23 02:43:35 | 55a13e60a5bb247955e08d018c018134 | 40/65 (61.54%)
| 95.100.49.148:443 |
| 2017-09-23 02:43:35 | 55a13e60a5bb247955e08d018c018134 | 40/65 (61.54%)
| 95.100.49.148:443 |
| 2017-09-22 19:20:00 | 5d98ba1272a17e932af656df3c308830 | n/a | 104.94.20.152:443 |
| 2017-09-22 19:20:00 | 5d98ba1272a17e932af656df3c308830 | n/a | 104.94.20.152:443 |
| 2017-09-21 05:00:44 | a3d78caedb739e57633d4be691a8190e | 37/65 (56.92%)
| 2.19.77.81:443 |
| 2017-09-21 05:00:44 | a3d78caedb739e57633d4be691a8190e | 37/65 (56.92%)
| 2.19.77.81:443 |
| 2017-09-20 20:03:06 | b96eace2e786e64f46279773530f1ddb | 41/65 (63.08%)
| 192.81.241.100:443 |
| 2017-09-20 20:03:06 | b96eace2e786e64f46279773530f1ddb | 41/65 (63.08%)
| 192.81.241.100:443 |
| 2017-09-20 17:18:20 | 72c606b0d9ad5a839a44d43e20a5158b | n/a | 104.109.107.107:443 |
| 2017-09-20 17:18:20 | 72c606b0d9ad5a839a44d43e20a5158b | n/a | 104.109.107.107:443 |
| 2017-09-20 15:25:50 | fefb7a19262164e1185e6ca27fe7813c | n/a | 104.94.20.152:443 |
| 2017-09-20 15:25:50 | fefb7a19262164e1185e6ca27fe7813c | n/a | 104.94.20.152:443 |
# of entries: 100 (max: 100)