JA3 Fingerprints
You can find further information about the JA3 fingerprint e3b2ab1f9a56f2fb4c9248f2f41631fa, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | e3b2ab1f9a56f2fb4c9248f2f41631fa |
|---|---|
| First seen: | 2018-03-15 01:06:34 UTC |
| Last seen: | 2021-07-02 21:51:49 UTC |
| Status: | Blacklisted |
| Malware samples: | 8'817 |
| Destination IPs: | 400 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:13:52 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2023-08-25 13:01:59 | 996102b00b87491ed55e711d00a6269c | n/a | 34.117.59.81:443 |
| 2023-08-25 09:42:35 | 6483ccf9b3baf8b2df66480cc22dd9c7 | n/a | 34.117.59.81:443 |
| 2023-08-25 07:33:41 | bf4a8e19c3753f18a667e5090460f02a | n/a | 34.117.59.81:443 |
| 2023-08-25 06:35:23 | c075147c2b49cfbbe7ce50a0c0fee559 | n/a | 34.117.59.81:443 |
| 2023-08-25 03:00:30 | 2c30ffa12d1c0c96d3740a00a27640e0 | n/a | 34.117.59.81:443 |
| 2023-08-25 01:39:47 | 37c55fc5b503856cc1eba28eb6b69fed | n/a | 34.117.59.81:443 |
| 2023-08-24 23:36:16 | 757ca4272bb47ec381f5401118678398 | n/a | 34.117.59.81:443 |
| 2023-08-24 13:27:34 | b6bdd876f393ffd3417909fd0aa8e79d |  29 / 66 (43.94%)
| 34.117.59.81:443 |
| 2023-08-24 13:08:36 | 270d07268270324d4c8ede7c3f4e9999 | 49 / 67 (73.13%)
| 34.117.59.81:443 |
| 2023-08-24 04:40:56 | 78d2e2e7a47fd16928532f799d5381c0 | n/a | 34.117.59.81:443 |
| 2023-08-24 04:40:56 | 78d2e2e7a47fd16928532f799d5381c0 | n/a | 31.13.65.1:443 |
| 2023-08-24 02:02:53 | f5563d38fd39b4f03d68ee5266986aa3 | 32 / 71 (45.07%)
| 34.117.59.81:443 |
| 2023-08-24 02:02:51 | f5563d38fd39b4f03d68ee5266986aa3 | 32 / 71 (45.07%)
| 31.13.65.1:443 |
| 2023-08-23 08:45:14 | 350da2c11d3b4f56944bbc3c886c5e04 | n/a | 34.117.59.81:443 |
| 2023-08-23 08:45:13 | 350da2c11d3b4f56944bbc3c886c5e04 | n/a | 31.13.93.19:443 |
| 2023-08-23 08:08:47 | 48b659577e9341408782b42856e520fc | n/a | 34.117.59.81:443 |
| 2023-08-23 00:59:19 | a74826acd63de8c94d5fb11f2b4f171f | 27 / 67 (40.30%)
| 31.13.93.19:443 |
| 2023-08-23 00:59:19 | a74826acd63de8c94d5fb11f2b4f171f | 27 / 67 (40.30%)
| 34.117.59.81:443 |
| 2023-08-22 12:59:25 | 0e2a163057a64fd8aa4ab7b36d902989 | n/a | 34.117.59.81:443 |
| 2023-08-20 13:31:03 | 1c5420b9bac5cb2479f5a3b04fbd4e98 | n/a | 31.13.71.1:443 |
| 2023-08-20 13:31:03 | 1c5420b9bac5cb2479f5a3b04fbd4e98 | n/a | 34.117.59.81:443 |
| 2023-08-19 06:52:53 | 01a6f47ba06057c901b2ff46e627eb76 | 52 / 71 (73.24%)
| 34.117.59.81:443 |
| 2023-08-18 06:16:24 | 1c621872b028fe5df62717468223cfcc | n/a | 34.117.59.81:443 |
| 2023-08-15 01:44:27 | 2d129bcd946b023b3053566875691afc | n/a | 31.13.65.1:443 |
| 2023-08-15 01:44:26 | 2d129bcd946b023b3053566875691afc | n/a | 199.127.61.113:443 |
| 2023-08-15 01:44:24 | 2d129bcd946b023b3053566875691afc | n/a | 34.117.59.81:443 |
| 2023-08-15 01:38:48 | 390a9bbeb8a243173259d59cd8830a82 | n/a | 199.127.61.113:443 |
| 2023-08-15 01:30:27 | 26692882992e5304865c33adfe6ec249 | 59 / 71 (83.10%)
| 199.127.61.113:443 |
| 2023-08-14 15:47:33 | 343ee92aa9680bc8c1e2028d5ac59fba | 26 / 71 (36.62%)
| 104.16.124.96:443 |
| 2023-08-14 15:47:32 | 343ee92aa9680bc8c1e2028d5ac59fba | 26 / 71 (36.62%)
| 34.117.59.81:443 |
| 2023-08-14 15:47:32 | 343ee92aa9680bc8c1e2028d5ac59fba | 26 / 71 (36.62%)
| 31.13.65.1:443 |
| 2023-08-14 15:01:00 | 32af4ec206843c0a06cb98a2b74b3c62 | 56 / 71 (78.87%)
| 104.16.123.96:443 |
| 2023-08-13 20:33:12 | 47091e38499776c01973949b6d4e9435 | 52 / 70 (74.29%)
| 31.13.65.1:443 |
| 2023-08-13 20:33:11 | 47091e38499776c01973949b6d4e9435 | 52 / 70 (74.29%)
| 34.117.59.81:443 |
| 2023-08-13 13:41:44 | 5a6fe92ace7eec082e783d08db10f6a8 | n/a | 34.117.59.81:443 |
| 2023-08-13 13:29:11 | 5a7319cd7a7b0195351e8b3b25384a37 | 53 / 71 (74.65%)
| 31.13.65.1:443 |
| 2023-08-13 13:29:09 | 5a7319cd7a7b0195351e8b3b25384a37 | 53 / 71 (74.65%)
| 34.117.59.81:443 |
| 2023-08-12 07:47:04 | a09173b31369a355c7075b5b1535b89e | n/a | 34.117.59.81:443 |
| 2023-08-12 06:48:16 | 39d5eb69bf72ee97d0d43fbca4b041b1 | n/a | 34.117.59.81:443 |
| 2023-08-11 18:02:29 | 0e82718fc5e7827c4ba35f056b79ce4d | 50 / 70 (71.43%)
| 34.117.59.81:443 |
| 2023-08-11 16:26:32 | 1ccc3392367d9d89dd8ca093da5a1d8e | 54 / 71 (76.06%)
| 34.117.59.81:443 |
| 2023-08-11 12:07:19 | ad3136ff82e37af9702002b8bb544326 | n/a | 34.117.59.81:443 |
| 2023-08-11 03:35:07 | 13bffaa1597d854d8f09d7ec07ff7e89 | n/a | 34.117.59.81:443 |
| 2023-08-10 18:13:13 | 139dc9f4df204cefe1b855923b4d9962 | 42 / 71 (59.15%)
| 34.117.59.81:443 |
| 2023-08-10 16:39:18 | 5b0b1dafc0b3e583a94c83c4d85a8097 | n/a | 34.117.59.81:443 |
| 2023-08-10 16:07:23 | 80c1a30b95c430213ce5ae5b4b2387c4 | n/a | 34.117.59.81:443 |
| 2023-08-10 11:16:24 | 1fc96ae74c0fd64311392fe46f153aac | 38 / 71 (53.52%)
| 34.117.59.81:443 |
| 2023-08-10 08:34:34 | 5712fece4bc8e3ce3f1971ccc73a88e0 | n/a | 34.117.59.81:443 |
| 2023-08-10 06:10:02 | 07329f062daa9f4723d9f244703a3df8 | 31 / 67 (46.27%)
| 34.117.59.81:443 |
| 2023-08-10 01:17:16 | 1dfda2e7d424c84e0a91e418add4302c | 48 / 71 (67.61%)
| 31.13.65.1:443 |
| 2023-08-10 01:17:15 | 1dfda2e7d424c84e0a91e418add4302c | 48 / 71 (67.61%)
| 34.117.59.81:443 |
| 2023-08-10 01:16:29 | b8985515a77766953d4ca2beac757c1a | n/a | 34.117.59.81:443 |
| 2023-08-10 00:58:23 | 2076151010d1a39cd4e0f2fd1d918bf1 | 41 / 70 (58.57%)
| 34.117.59.81:443 |
| 2023-08-09 19:58:44 | 2829c1b0b18e550956c60fb4fc2b3140 | 55 / 71 (77.46%)
| 34.117.59.81:443 |
| 2023-08-09 16:05:25 | 43a2b7af6527a42f54fb297f4b3bb4a7 | n/a | 34.117.59.81:443 |
| 2023-08-09 14:37:08 | a85367af3d5500fc3aaf9bedb13e05ca | n/a | 34.117.59.81:443 |
| 2023-08-09 10:39:19 | 1da6683c942be143550c91e89ce246b9 | n/a | 34.117.59.81:443 |
| 2023-08-09 08:36:03 | ab4eec14eac5e81b6b87f321f759216c | n/a | 34.117.59.81:443 |
| 2023-08-09 03:50:30 | aa4b82a8b4d1f969729ce10329e44c7c | n/a | 34.117.59.81:443 |
| 2023-08-09 02:36:20 | 070d01f59974e63baf0ccd77226da049 | n/a | 34.117.59.81:443 |
| 2023-08-09 00:21:00 | 0ce5c6cba3ddb4a67711ad53709baeb8 | 28 / 71 (39.44%)
| 34.117.59.81:443 |
| 2023-08-09 00:21:00 | 0ce5c6cba3ddb4a67711ad53709baeb8 | 28 / 71 (39.44%)
| 31.13.65.1:443 |
| 2023-08-08 23:30:37 | a99be2701daa6099ab7512ba78df27d0 | n/a | 34.117.59.81:443 |
| 2023-08-08 17:57:01 | d73df70fe2615db913959e1fe00af53c | 26 / 71 (36.62%)
| 34.117.59.81:443 |
| 2023-08-08 08:16:22 | a0ecbfe212ffa774972c1dc7aa0647ca | n/a | 34.117.59.81:443 |
| 2023-08-08 08:16:21 | a0ecbfe212ffa774972c1dc7aa0647ca | n/a | 31.13.66.4:443 |
| 2023-08-08 05:56:52 | c5612383b2778960ece7f39c71707ac4 | 32 / 71 (45.07%)
| 34.117.59.81:443 |
| 2023-08-07 16:15:43 | 70089acd5cf77f1df9377de46be84b51 | n/a | 34.117.59.81:443 |
| 2023-08-07 15:50:32 | 28dd21fe22ccd6f3e662d5f519b16777 | n/a | 34.117.59.81:443 |
| 2023-08-07 13:16:51 | 887a7d2f5ac08c40c764b3902e2cccce | n/a | 34.117.59.81:443 |
| 2023-08-07 10:02:56 | 318adc037750445f6303a2ddbf347d6b | n/a | 34.117.59.81:443 |
| 2023-08-07 07:44:11 | 04bd69514cd5f6eceb7657c960a629f7 | n/a | 34.117.59.81:443 |
| 2023-08-07 07:44:10 | 04bd69514cd5f6eceb7657c960a629f7 | n/a | 31.13.65.1:443 |
| 2023-08-07 07:32:08 | 7a5516acf160121582c038420e0bf01f | 34 / 71 (47.89%)
| 34.117.59.81:443 |
| 2023-08-07 07:18:54 | 046ca0cee23915bf236e53d0aa03b66f | 7 / 71 (9.86%)
| 34.117.59.81:443 |
| 2023-08-07 07:18:42 | 046ca0cee23915bf236e53d0aa03b66f | 7 / 71 (9.86%)
| 31.13.65.1:443 |
| 2023-08-07 00:15:08 | 2632361a364ea874d2f8b43718164441 | n/a | 34.117.59.81:443 |
| 2023-08-06 22:11:11 | e4f6273b9485bcc92958aeebae874db5 | 32 / 71 (45.07%)
| 34.117.59.81:443 |
| 2023-08-06 18:53:32 | 1dbb3e1e62476c3a1e33cdfc5e655980 | n/a | 34.117.59.81:443 |
| 2023-08-06 18:53:31 | 1dbb3e1e62476c3a1e33cdfc5e655980 | n/a | 31.13.65.1:443 |
| 2023-08-06 14:55:53 | 1226c2bdbf4201fa4859496159409577 | n/a | 31.13.66.4:443 |
| 2023-08-06 14:55:53 | 1226c2bdbf4201fa4859496159409577 | n/a | 34.117.59.81:443 |
| 2023-08-06 09:59:27 | 2e552f0035ea81fb89d32ad7c8693728 | n/a | 34.117.59.81:443 |
| 2023-08-06 09:29:59 | 4885123cfca49055d84cb7a72ec9a0e7 | n/a | 34.117.59.81:443 |
| 2023-08-06 08:20:15 | 5580739c4dba6ef4b695646bd5195ca7 | 27 / 71 (38.03%)
| 34.117.59.81:443 |
| 2023-08-06 01:59:06 | e496ca8a96b805b1a0eabdd5aebbd961 | 28 / 71 (39.44%)
| 34.117.59.81:443 |
| 2023-08-05 04:35:39 | 1b7b13aa62a57b0116dfa39140c3cc9f | 38 / 70 (54.29%)
| 34.117.59.81:443 |
| 2023-08-05 03:23:43 | 0c3a7027b781d086d2cf16ca6d676c77 | 33 / 71 (46.48%)
| 34.117.59.81:443 |
| 2023-08-05 02:04:29 | 42551cf8c4cc370e4988a0023a1beb77 | 35 / 69 (50.72%)
| 31.13.65.1:443 |
| 2023-08-05 02:04:28 | 42551cf8c4cc370e4988a0023a1beb77 | 35 / 69 (50.72%)
| 34.117.59.81:443 |
| 2023-08-05 02:00:32 | 2e16b1f1fe9a190df871ad643d54ef82 | 51 / 68 (75.00%)
| 34.117.59.81:443 |
| 2023-08-04 23:36:32 | 13d4fd215f1d78355e79f51d30e50bfd | 59 / 71 (83.10%)
| 34.117.59.81:443 |
| 2023-08-04 19:11:15 | 246443d086ce661f391fbc6f00b26b1d | 55 / 70 (78.57%)
| 31.13.65.1:443 |
| 2023-08-04 19:11:14 | 246443d086ce661f391fbc6f00b26b1d | 55 / 70 (78.57%)
| 34.117.59.81:443 |
| 2023-08-04 18:14:55 | b1a9da59f749d1214f9a40ac038b4c63 | 29 / 71 (40.85%)
| 34.117.59.81:443 |
| 2023-08-04 18:14:54 | b1a9da59f749d1214f9a40ac038b4c63 | 29 / 71 (40.85%)
| 31.13.65.1:443 |
| 2023-08-04 14:45:54 | c63a1bf9ed87fcf7a082704bfc045b68 | n/a | 34.117.59.81:443 |
| 2023-08-04 10:25:24 | 551bfdbc5e88ea99b1034bad04cdbbef | n/a | 34.117.59.81:443 |
| 2023-08-04 08:13:39 | 84511fe40f93b11987e83e3310b18863 | n/a | 34.117.59.81:443 |
| 2023-08-04 08:08:00 | eacc99caa4524c06c0c74bb1d41598fc | n/a | 34.117.59.81:443 |
# of entries: 100 (max: 100)