JA3 Fingerprints
You can find further information about the JA3 fingerprint e3b2ab1f9a56f2fb4c9248f2f41631fa, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | e3b2ab1f9a56f2fb4c9248f2f41631fa |
|---|---|
| First seen: | 2018-03-15 01:06:34 UTC |
| Last seen: | 2019-01-20 14:31:39 UTC |
| Status: | Blacklisted |
| Malware samples: | 170 |
| Destination IPs: | 40 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:13:52 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2019-01-20 14:31:39 | 9e6df0e4d260e0e5bf7f23c150e82a4b |  34/71 (47.89%)
| 216.239.34.21:443 |
| 2019-01-05 19:56:33 | a26dd9ab29f62033ad37ebc874a20a7c | n/a | 216.239.38.21:443 |
| 2019-01-03 19:12:59 | ec40ccaad63f8855d8de31a42b7c67ac | 28/69 (40.58%)
| 216.239.38.21:443 |
| 2019-01-02 09:30:53 | 6a27b1eaaa1a56377a0a1fd0a14fdd57 | n/a | 216.239.34.21:443 |
| 2018-12-27 19:29:28 | 4577728e7e6ea0c371746efd0341813a | 46/71 (64.79%)
| 216.239.32.21:443 |
| 2018-12-27 19:29:28 | 4577728e7e6ea0c371746efd0341813a | 46/71 (64.79%)
| 216.239.34.21:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 216.239.32.21:443 |
| 2018-12-24 22:19:07 | 424f7b8edf5d150c7a248ad789512bc4 | 39/69 (56.52%)
| 157.240.2.35:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 176.32.103.205:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 216.239.36.21:443 |
| 2018-12-19 20:54:58 | 61f4fa70b33c54bb2e9e049359c3a03e | n/a | 31.13.65.36:443 |
| 2018-12-17 21:30:18 | c84fdb9bf81240c39381022530c0cdd0 | 24/68 (35.29%)
| 52.17.132.61:443 |
| 2018-12-16 20:17:56 | 78c050980246f58ecc5dfc373d81c6f8 | 37/71 (52.11%)
| 216.239.36.21:443 |
| 2018-12-13 23:56:19 | 8bb5bd6750d9a98e2eab9665dc0907b5 | n/a | 216.239.36.21:443 |
| 2018-12-13 20:30:46 | 39e07898d58e72ee3be94015fa178552 | 22/70 (31.43%)
| 216.239.32.21:443 |
| 2018-12-13 20:12:45 | 4b2405676f726333a5ad5754ae3af6b4 | 36/68 (52.94%)
| 216.239.38.21:443 |
| 2018-12-10 23:44:03 | dac816d1c7b4ac33bc491a2c26ef83c2 | n/a | 216.239.38.21:443 |
| 2018-12-09 00:59:43 | 99baca5d78a6427843dba64a5fc0c083 | 39/71 (54.93%)
| 216.239.36.21:443 |
| 2018-12-08 11:55:17 | 54aaa042e75d20b5b9b22763639024b8 | 39/70 (55.71%)
| 216.239.36.21:443 |
| 2018-12-07 06:32:51 | 1493bba5bf03b8580e145de4453b8287 | 15/70 (21.43%)
| 216.239.38.21:443 |
| 2018-12-07 04:17:01 | 5919f2f95678c9689bb2ab633f04eced | 40/69 (57.97%)
| 216.239.38.21:443 |
| 2018-12-05 07:04:19 | 6a9c5dea5eed27a993cd13041c567fe2 | 39/70 (55.71%)
| 216.239.38.21:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 157.240.2.35:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 216.239.32.21:443 |
| 2018-12-05 06:15:27 | f0a3e4eca113df7d09bbff6c3678ff27 | 35/69 (50.72%)
| 176.32.98.166:443 |
| 2018-11-26 08:28:39 | 8c2a233173810d4f53df1cc5de624d50 | 35/70 (50.00%)
| 216.239.34.21:443 |
| 2018-11-25 16:01:22 | 05754754e9926dfc92751235f56f1fd8 | 36/69 (52.17%)
| 216.239.36.21:443 |
| 2018-11-24 21:53:20 | 6b6a43af4478cad774e6703bf3f54813 | 39/69 (56.52%)
| 216.239.32.21:443 |
| 2018-11-24 11:53:37 | 526d0aa2e3d2980f6f66c4dd4106c8c5 | 41/70 (58.57%)
| 54.68.5.46:443 |
| 2018-11-23 04:28:05 | 162c6f6b1e73f0733e3a932d8b07dc2e | 37/68 (54.41%)
| 216.239.36.21:443 |
| 2018-11-03 15:59:13 | 03fe25b72e3ec087d90409b482d31985 | 36/68 (52.94%)
| 205.251.242.103:443 |
| 2018-11-02 14:54:21 | 88e28b13e57de6fdc2255ca8f437a08a | 29/68 (42.65%)
| 176.32.103.205:443 |
| 2018-10-16 08:59:43 | 49e432e58bd163f1ed814f54b7bed9f3 | 37/67 (55.22%)
| 31.13.93.35:443 |
| 2018-10-16 08:59:38 | 49e432e58bd163f1ed814f54b7bed9f3 | 37/67 (55.22%)
| 205.251.242.103:443 |
| 2018-10-09 04:51:52 | e16582bbc7a4adcc0d7791b6b3ae6ca7 | 37/69 (53.62%)
| 31.13.65.36:443 |
| 2018-10-09 04:51:51 | e16582bbc7a4adcc0d7791b6b3ae6ca7 | 37/69 (53.62%)
| 176.32.98.166:443 |
| 2018-10-06 15:12:37 | fa4da11707ffb21046b362c7210eed90 | 15/68 (22.06%)
| 205.251.242.103:443 |
| 2018-10-06 03:10:33 | a84c251bd0191808f5b819e2b13f2a3d | 36/68 (52.94%)
| 65.52.20.8:443 |
| 2018-10-06 03:10:32 | a84c251bd0191808f5b819e2b13f2a3d | 36/68 (52.94%)
| 176.32.98.166:443 |
| 2018-09-30 01:38:16 | 0c79c9884f04a63edad772041ecd50b5 | 28/68 (41.18%)
| 176.32.98.166:443 |
| 2018-09-25 21:24:23 | 17b28eae4c3ef0e41549951f2fa73ce9 | 32/69 (46.38%)
| 205.251.242.103:443 |
| 2018-09-25 21:24:23 | 17b28eae4c3ef0e41549951f2fa73ce9 | 32/69 (46.38%)
| 65.52.20.8:443 |
| 2018-09-24 15:35:25 | 99d88b733d1b0203e4ceb92100a837f3 | 40/69 (57.97%)
| 31.13.71.36:443 |
| 2018-09-24 15:35:24 | 99d88b733d1b0203e4ceb92100a837f3 | 40/69 (57.97%)
| 176.32.103.205:443 |
| 2018-09-24 11:51:01 | 5793ba55688f17cfd1a5e730ea2e98b5 | 41/69 (59.42%)
| 176.32.98.166:443 |
| 2018-09-23 22:32:01 | c5b3ca71d7f1f05c00f48741c3950247 | 33/69 (47.83%)
| 65.52.20.8:443 |
| 2018-09-23 22:32:00 | c5b3ca71d7f1f05c00f48741c3950247 | 33/69 (47.83%)
| 176.32.98.166:443 |
| 2018-09-23 12:51:38 | 0b38568ec7adb2f5d2977e5c1976c108 | 35/68 (51.47%)
| 205.251.242.103:443 |
| 2018-09-23 12:51:38 | 0b38568ec7adb2f5d2977e5c1976c108 | 35/68 (51.47%)
| 31.13.71.36:443 |
| 2018-09-23 06:47:33 | 5652220f6a75f7f7dee8dfe8a8d93ff8 | 17/67 (25.37%)
| 31.13.71.36:443 |
| 2018-09-23 06:47:32 | 5652220f6a75f7f7dee8dfe8a8d93ff8 | 17/67 (25.37%)
| 176.32.98.166:443 |
| 2018-09-21 13:38:21 | 86492826dd31d483cfaaf5487af1c245 | 42/69 (60.87%)
| 31.13.71.36:443 |
| 2018-09-21 13:38:20 | 86492826dd31d483cfaaf5487af1c245 | 42/69 (60.87%)
| 176.32.98.166:443 |
| 2018-09-20 08:27:05 | f84127119454c0c202bb1dd6f820bf5c | 36/68 (52.94%)
| 205.251.242.103:443 |
| 2018-09-20 08:27:05 | f84127119454c0c202bb1dd6f820bf5c | 36/68 (52.94%)
| 31.13.65.36:443 |
| 2018-08-26 03:25:17 | 104b66e2ff9ccd28ef2e0590b7b046a4 | 36/68 (52.94%)
| 176.32.103.205:443 |
| 2018-08-21 23:46:55 | 59b2d88d5704527cccbdf1993f6b964c | 40/68 (58.82%)
| 176.32.103.205:443 |
| 2018-08-21 23:46:55 | 59b2d88d5704527cccbdf1993f6b964c | 40/68 (58.82%)
| 31.13.65.36:443 |
| 2018-08-13 18:35:04 | 3f8f318fbe72fd714b3767443e8c18a8 | 38/68 (55.88%)
| 176.32.103.205:443 |
| 2018-08-13 18:35:04 | 3f8f318fbe72fd714b3767443e8c18a8 | 38/68 (55.88%)
| 157.240.2.35:443 |
| 2018-08-07 18:21:27 | 4fe8afdadf0ddec643493308652620a0 | 40/67 (59.70%)
| 176.32.98.166:443 |
| 2018-08-07 18:21:27 | 4fe8afdadf0ddec643493308652620a0 | 40/67 (59.70%)
| 31.13.65.36:443 |
| 2018-08-07 13:03:23 | 4b0fab311b25c26229effa2b81ce99db | 26/68 (38.24%)
| 205.251.242.103:443 |
| 2018-08-07 13:03:23 | 4b0fab311b25c26229effa2b81ce99db | 26/68 (38.24%)
| 157.240.2.35:443 |
| 2018-08-04 23:26:51 | d407e629d933030739dfc629142ff8de | 35/68 (51.47%)
| 176.32.98.166:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 205.251.242.103:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 157.240.2.35:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 157.240.2.38:443 |
| 2018-08-01 11:13:03 | 7bc29ec429894305af39db1655f21beb | 25/68 (36.76%)
| 205.251.242.103:443 |
| 2018-08-01 11:13:03 | 7bc29ec429894305af39db1655f21beb | 25/68 (36.76%)
| 157.240.2.35:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 176.32.98.166:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 157.240.2.35:443 |
| 2018-07-29 09:02:49 | b0e660a771ff4d8610fdab236e48ba7a | 43/67 (64.18%)
| 157.240.2.38:443 |
| 2018-07-29 07:38:13 | 27c67a7d1b63da485ed0657fe471a47a | 17/68 (25.00%)
| 176.32.103.205:443 |
| 2018-07-29 07:38:13 | 27c67a7d1b63da485ed0657fe471a47a | 17/68 (25.00%)
| 157.240.2.35:443 |
| 2018-07-22 00:37:48 | 38c3ac55f90b9d273d647340dfbcabb8 | 12/68 (17.65%)
| 176.32.103.205:443 |
| 2018-07-18 03:24:37 | 9a0304da8ba3096123c863a8f6da072d | 44/67 (65.67%)
| 176.32.103.205:443 |
| 2018-07-18 03:24:37 | 9a0304da8ba3096123c863a8f6da072d | 44/67 (65.67%)
| 157.240.2.35:443 |
| 2018-07-18 03:24:37 | 9a0304da8ba3096123c863a8f6da072d | 44/67 (65.67%)
| 157.240.2.38:443 |
| 2018-07-14 00:15:54 | 55c3fdbaa3bcd8281a3283a53067831d | 45/68 (66.18%)
| 176.32.103.205:443 |
| 2018-07-05 02:33:08 | e5dfe98e38ab3ec6644f7be47f1f2757 | 40/67 (59.70%)
| 205.251.242.103:443 |
| 2018-07-05 02:33:08 | e5dfe98e38ab3ec6644f7be47f1f2757 | 40/67 (59.70%)
| 31.13.65.36:443 |
| 2018-07-05 02:33:08 | e5dfe98e38ab3ec6644f7be47f1f2757 | 40/67 (59.70%)
| 31.13.65.38:443 |
| 2018-07-03 12:05:03 | 34742f3cc567880f8de963e81aeb22b8 | 37/64 (57.81%)
| 87.250.250.22:443 |
| 2018-06-17 07:35:14 | c8f7f953da091bcf2774a4d69ebabc03 | 19/68 (27.94%)
| 157.240.2.35:443 |
| 2018-06-17 07:35:14 | c8f7f953da091bcf2774a4d69ebabc03 | 19/68 (27.94%)
| 31.13.65.38:443 |
| 2018-06-16 17:48:02 | c767534813e22d615fd2539cf52d8cee | 24/68 (35.29%)
| 87.250.250.22:443 |
| 2018-06-16 01:26:52 | 58205cbdf0396e2b7649d23dc6033c50 | 42/68 (61.76%)
| 172.217.21.227:443 |
| 2018-06-15 17:43:23 | a31e3a9d03cf2bdfb00a0f537e98fdcf | 14/68 (20.59%)
| 31.13.65.36:443 |
| 2018-06-15 15:13:18 | 846ee09a8a410bb9a3e159234c266275 | 16/68 (23.53%)
| 31.13.65.36:443 |
| 2018-06-15 11:13:07 | 3fd70935da41d9e5ca28977d877d0bc8 | 37/66 (56.06%)
| 31.13.65.36:443 |
| 2018-06-14 18:37:33 | 64457812436f055c93b3c1486c4e1ab7 | 14/68 (20.59%)
| 87.250.250.22:443 |
| 2018-06-14 16:48:31 | 533d2f82043f73c0def377ebc2240b8e | 42/68 (61.76%)
| 87.250.250.22:443 |
| 2018-06-13 00:36:09 | 78a8905672e1ce08e0bde783701837c7 | 20/66 (30.30%)
| 216.58.194.36:443 |
| 2018-06-10 02:17:11 | 6bbffde3e99b9e45679e9f304997fde4 | 36/66 (54.55%)
| 31.13.91.32:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 179.60.192.32:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 185.60.216.37:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 31.13.91.32:443 |
| 2018-05-27 18:26:20 | d94b8fbcd3aed19b17afe0c1318a3c95 | 3/65 (4.62%)
| 31.13.91.32:443 |
| 2018-05-26 02:09:55 | d692058bdbdebeddbb1f76cc1c78396a | 18/66 (27.27%)
| 216.239.32.21:443 |
# of entries: 100 (max: 100)