JA3 Fingerprints
You can find further information about the JA3 fingerprint e3b2ab1f9a56f2fb4c9248f2f41631fa, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | e3b2ab1f9a56f2fb4c9248f2f41631fa |
|---|---|
| First seen: | 2018-03-15 01:06:34 UTC |
| Last seen: | 2019-05-20 10:42:00 UTC |
| Status: | Blacklisted |
| Malware samples: | 192 |
| Destination IPs: | 47 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:13:52 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2019-05-20 10:42:00 | 1e4e1e20f97c442419bdd394427b1c4a |  29/72 (40.28%)
| 216.239.38.21:443 |
| 2019-05-19 18:04:49 | a1dacf35ccfb982a92829690a32dbf24 | 51/72 (70.83%)
| 157.240.11.35:443 |
| 2019-05-12 16:36:36 | b5bc03484af3d3b1e10e201c6ea316d6 | n/a | 216.239.38.21:443 |
| 2019-05-12 12:06:11 | 14f5528d1d1126dbe6b89b29e68c174c | n/a | 216.239.38.21:443 |
| 2019-05-10 19:51:36 | c86d6f29364b0cd0043c76114e10cb41 | n/a | 216.239.36.21:443 |
| 2019-05-09 09:13:59 | 6f9ee02afa7b8942daebd4d0d516ee57 | n/a | 157.240.2.35:443 |
| 2019-05-01 15:15:18 | 583aa1a7a4c81a03b57a8d808f01c1aa | n/a | 216.239.38.21:443 |
| 2019-04-25 06:48:04 | 2f5baa0f0b3d24c792ad901ebcaf9181 | 19/67 (28.36%)
| 216.239.32.21:443 |
| 2019-04-13 23:03:11 | 7f88938cd871441badf6ecce16ae702a | n/a | 216.239.38.21:443 |
| 2019-04-13 07:11:30 | dc01b7fce9a08332ab428b4e9970276c | n/a | 157.240.14.35:443 |
| 2019-04-12 12:05:14 | cc89735d61ea4bdb9eef360dd8825dba | n/a | 104.28.26.204:443 |
| 2019-04-11 04:54:49 | f1c4d05c8c0764c2267b56d9f7d33b25 | n/a | 157.240.14.35:443 |
| 2019-04-08 23:52:22 | 35c1d3e396422925521262d31b23a3ee | 18/71 (25.35%)
| 157.240.14.35:443 |
| 2019-04-06 21:31:36 | 1c255d44a884c872c3c14338ba2cb0df | n/a | 216.239.34.21:443 |
| 2019-04-04 17:11:01 | f6ff62266948c8a9516f4c49d6421a52 | n/a | 67.199.248.10:443 |
| 2019-04-04 17:11:00 | f6ff62266948c8a9516f4c49d6421a52 | n/a | 216.58.204.110:443 |
| 2019-04-04 11:07:56 | 4417ba7cde3c9e8f87b78778b9d66e31 | n/a | 157.240.14.35:443 |
| 2019-04-04 11:07:56 | 4417ba7cde3c9e8f87b78778b9d66e31 | n/a | 216.239.32.21:443 |
| 2019-04-03 06:34:30 | 0fba4b08cce1ba318e281253d25fcb8e | 44/67 (65.67%)
| 216.239.34.21:443 |
| 2019-03-27 22:11:03 | 8352f19171d93ddb3cd4d5f5c49cab6b | 41/65 (63.08%)
| 157.240.2.35:443 |
| 2019-02-12 01:34:48 | 6ec711bccc0ecc02197d3f8534bc445b | 46/70 (65.71%)
| 216.239.32.21:443 |
| 2019-02-10 01:40:08 | 9c3e69b6aca6a7b7e6885650f0af5a61 | 45/70 (64.29%)
| 31.13.66.35:443 |
| 2019-02-10 01:40:08 | 9c3e69b6aca6a7b7e6885650f0af5a61 | 45/70 (64.29%)
| 176.32.98.166:443 |
| 2019-02-09 04:45:08 | 85999fafc0b3cbf49e7f3ac466c5b9a7 | 46/70 (65.71%)
| 185.84.108.14:443 |
| 2019-01-22 14:23:08 | 38295c84ee9cf761fc486143613f6f75 | 33/70 (47.14%)
| 176.32.98.166:443 |
| 2019-01-20 14:31:39 | 9e6df0e4d260e0e5bf7f23c150e82a4b | 34/71 (47.89%)
| 216.239.34.21:443 |
| 2019-01-05 19:56:33 | a26dd9ab29f62033ad37ebc874a20a7c | n/a | 216.239.38.21:443 |
| 2019-01-03 19:12:59 | ec40ccaad63f8855d8de31a42b7c67ac | 28/69 (40.58%)
| 216.239.38.21:443 |
| 2019-01-02 09:30:53 | 6a27b1eaaa1a56377a0a1fd0a14fdd57 | n/a | 216.239.34.21:443 |
| 2018-12-27 19:29:28 | 4577728e7e6ea0c371746efd0341813a | 46/71 (64.79%)
| 216.239.32.21:443 |
| 2018-12-27 19:29:28 | 4577728e7e6ea0c371746efd0341813a | 46/71 (64.79%)
| 216.239.34.21:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 216.239.32.21:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 157.240.2.35:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 176.32.103.205:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 216.239.36.21:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 31.13.65.36:443 |
| 2018-12-17 21:30:18 | c84fdb9bf81240c39381022530c0cdd0 | 24/68 (35.29%)
| 52.17.132.61:443 |
| 2018-12-16 20:17:56 | 78c050980246f58ecc5dfc373d81c6f8 | 37/71 (52.11%)
| 216.239.36.21:443 |
| 2018-12-13 23:56:19 | 8bb5bd6750d9a98e2eab9665dc0907b5 | n/a | 216.239.36.21:443 |
| 2018-12-13 20:30:46 | 39e07898d58e72ee3be94015fa178552 | 22/70 (31.43%)
| 216.239.32.21:443 |
| 2018-12-13 20:12:45 | 4b2405676f726333a5ad5754ae3af6b4 | 36/68 (52.94%)
| 216.239.38.21:443 |
| 2018-12-10 23:44:03 | dac816d1c7b4ac33bc491a2c26ef83c2 | n/a | 216.239.38.21:443 |
| 2018-12-09 00:59:43 | 99baca5d78a6427843dba64a5fc0c083 | 39/71 (54.93%)
| 216.239.36.21:443 |
| 2018-12-08 11:55:17 | 54aaa042e75d20b5b9b22763639024b8 | 39/70 (55.71%)
| 216.239.36.21:443 |
| 2018-12-07 06:32:51 | 1493bba5bf03b8580e145de4453b8287 | 15/70 (21.43%)
| 216.239.38.21:443 |
| 2018-12-07 04:17:01 | 5919f2f95678c9689bb2ab633f04eced | 40/69 (57.97%)
| 216.239.38.21:443 |
| 2018-12-05 07:04:19 | 6a9c5dea5eed27a993cd13041c567fe2 | 39/70 (55.71%)
| 216.239.38.21:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 157.240.2.35:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 216.239.32.21:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 176.32.98.166:443 |
| 2018-11-26 08:28:39 | 8c2a233173810d4f53df1cc5de624d50 | 35/70 (50.00%)
| 216.239.34.21:443 |
| 2018-11-25 16:01:22 | 05754754e9926dfc92751235f56f1fd8 | 36/69 (52.17%)
| 216.239.36.21:443 |
| 2018-11-24 21:53:20 | 6b6a43af4478cad774e6703bf3f54813 | 39/69 (56.52%)
| 216.239.32.21:443 |
| 2018-11-24 11:53:37 | 526d0aa2e3d2980f6f66c4dd4106c8c5 | 41/70 (58.57%)
| 54.68.5.46:443 |
| 2018-11-23 04:28:05 | 162c6f6b1e73f0733e3a932d8b07dc2e | 37/68 (54.41%)
| 216.239.36.21:443 |
| 2018-11-03 15:59:13 | 03fe25b72e3ec087d90409b482d31985 | 36/68 (52.94%)
| 205.251.242.103:443 |
| 2018-11-02 14:54:21 | 88e28b13e57de6fdc2255ca8f437a08a | 29/68 (42.65%)
| 176.32.103.205:443 |
| 2018-10-16 08:59:43 | 49e432e58bd163f1ed814f54b7bed9f3 | 37/67 (55.22%)
| 31.13.93.35:443 |
| 2018-10-16 08:59:38 | 49e432e58bd163f1ed814f54b7bed9f3 | 37/67 (55.22%)
| 205.251.242.103:443 |
| 2018-10-09 04:51:52 | e16582bbc7a4adcc0d7791b6b3ae6ca7 | 37/69 (53.62%)
| 31.13.65.36:443 |
| 2018-10-09 04:51:51 | e16582bbc7a4adcc0d7791b6b3ae6ca7 | 37/69 (53.62%)
| 176.32.98.166:443 |
| 2018-10-06 15:12:37 | fa4da11707ffb21046b362c7210eed90 | 15/68 (22.06%)
| 205.251.242.103:443 |
| 2018-10-06 03:10:33 | a84c251bd0191808f5b819e2b13f2a3d | 36/68 (52.94%)
| 65.52.20.8:443 |
| 2018-10-06 03:10:32 | a84c251bd0191808f5b819e2b13f2a3d | 36/68 (52.94%)
| 176.32.98.166:443 |
| 2018-09-30 01:38:16 | 0c79c9884f04a63edad772041ecd50b5 | 28/68 (41.18%)
| 176.32.98.166:443 |
| 2018-09-25 21:24:23 | 17b28eae4c3ef0e41549951f2fa73ce9 | 32/69 (46.38%)
| 205.251.242.103:443 |
| 2018-09-25 21:24:23 | 17b28eae4c3ef0e41549951f2fa73ce9 | 32/69 (46.38%)
| 65.52.20.8:443 |
| 2018-09-24 15:35:25 | 99d88b733d1b0203e4ceb92100a837f3 | 40/69 (57.97%)
| 31.13.71.36:443 |
| 2018-09-24 15:35:24 | 99d88b733d1b0203e4ceb92100a837f3 | 40/69 (57.97%)
| 176.32.103.205:443 |
| 2018-09-24 11:51:01 | 5793ba55688f17cfd1a5e730ea2e98b5 | 41/69 (59.42%)
| 176.32.98.166:443 |
| 2018-09-23 22:32:01 | c5b3ca71d7f1f05c00f48741c3950247 | 33/69 (47.83%)
| 65.52.20.8:443 |
| 2018-09-23 22:32:00 | c5b3ca71d7f1f05c00f48741c3950247 | 33/69 (47.83%)
| 176.32.98.166:443 |
| 2018-09-23 12:51:38 | 0b38568ec7adb2f5d2977e5c1976c108 | 35/68 (51.47%)
| 205.251.242.103:443 |
| 2018-09-23 12:51:38 | 0b38568ec7adb2f5d2977e5c1976c108 | 35/68 (51.47%)
| 31.13.71.36:443 |
| 2018-09-23 06:47:33 | 5652220f6a75f7f7dee8dfe8a8d93ff8 | 17/67 (25.37%)
| 31.13.71.36:443 |
| 2018-09-23 06:47:32 | 5652220f6a75f7f7dee8dfe8a8d93ff8 | 17/67 (25.37%)
| 176.32.98.166:443 |
| 2018-09-21 13:38:21 | 86492826dd31d483cfaaf5487af1c245 | 42/69 (60.87%)
| 31.13.71.36:443 |
| 2018-09-21 13:38:20 | 86492826dd31d483cfaaf5487af1c245 | 42/69 (60.87%)
| 176.32.98.166:443 |
| 2018-09-20 08:27:05 | f84127119454c0c202bb1dd6f820bf5c | 36/68 (52.94%)
| 205.251.242.103:443 |
| 2018-09-20 08:27:05 | f84127119454c0c202bb1dd6f820bf5c | 36/68 (52.94%)
| 31.13.65.36:443 |
| 2018-08-26 03:25:17 | 104b66e2ff9ccd28ef2e0590b7b046a4 | 36/68 (52.94%)
| 176.32.103.205:443 |
| 2018-08-21 23:46:55 | 59b2d88d5704527cccbdf1993f6b964c | 40/68 (58.82%)
| 176.32.103.205:443 |
| 2018-08-21 23:46:55 | 59b2d88d5704527cccbdf1993f6b964c | 40/68 (58.82%)
| 31.13.65.36:443 |
| 2018-08-13 18:35:04 | 3f8f318fbe72fd714b3767443e8c18a8 | 38/68 (55.88%)
| 176.32.103.205:443 |
| 2018-08-13 18:35:04 | 3f8f318fbe72fd714b3767443e8c18a8 | 38/68 (55.88%)
| 157.240.2.35:443 |
| 2018-08-07 18:21:27 | 4fe8afdadf0ddec643493308652620a0 | 40/67 (59.70%)
| 176.32.98.166:443 |
| 2018-08-07 18:21:27 | 4fe8afdadf0ddec643493308652620a0 | 40/67 (59.70%)
| 31.13.65.36:443 |
| 2018-08-07 13:03:23 | 4b0fab311b25c26229effa2b81ce99db | 26/68 (38.24%)
| 205.251.242.103:443 |
| 2018-08-07 13:03:23 | 4b0fab311b25c26229effa2b81ce99db | 26/68 (38.24%)
| 157.240.2.35:443 |
| 2018-08-04 23:26:51 | d407e629d933030739dfc629142ff8de | 35/68 (51.47%)
| 176.32.98.166:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 205.251.242.103:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 157.240.2.35:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 157.240.2.38:443 |
| 2018-08-01 11:13:03 | 7bc29ec429894305af39db1655f21beb | 25/68 (36.76%)
| 205.251.242.103:443 |
| 2018-08-01 11:13:03 | 7bc29ec429894305af39db1655f21beb | 25/68 (36.76%)
| 157.240.2.35:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 176.32.98.166:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 157.240.2.35:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 157.240.2.38:443 |
| 2018-07-29 07:38:13 | 27c67a7d1b63da485ed0657fe471a47a | 17/68 (25.00%)
| 176.32.103.205:443 |
| 2018-07-29 07:38:13 | 27c67a7d1b63da485ed0657fe471a47a | 17/68 (25.00%)
| 157.240.2.35:443 |
# of entries: 100 (max: 100)