JA3 Fingerprints
You can find further information about the JA3 fingerprint e3b2ab1f9a56f2fb4c9248f2f41631fa, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | e3b2ab1f9a56f2fb4c9248f2f41631fa |
|---|---|
| First seen: | 2018-03-15 01:06:34 UTC |
| Last seen: | 2021-07-02 21:51:49 UTC |
| Status: | Blacklisted |
| Malware samples: | 8'457 |
| Destination IPs: | 393 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 12:13:52 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2021-12-27 10:13:21 | 3cf749b0a3e58a4d65972191e3516b09 | n/a | 34.117.59.81:443 |
| 2021-12-27 10:01:36 | f6c7d1421462a1c544b2f7397608c487 | n/a | 34.117.59.81:443 |
| 2021-12-26 15:16:01 | dab279cd4fb7c4ca8549c80d1fc0eaf2 |  23 / 68 (33.82%)
| 34.117.59.81:443 |
| 2021-12-26 15:14:51 | bfe4a540cdffe7068547e9b336822dc2 | 22 / 67 (32.84%)
| 34.117.59.81:443 |
| 2021-12-26 15:14:37 | fc661847339e0e19b2592b64a4672523 | 23 / 68 (33.82%)
| 34.117.59.81:443 |
| 2021-12-26 15:11:32 | eecee14088442aa96084439eab392733 | 22 / 68 (32.35%)
| 34.117.59.81:443 |
| 2021-12-26 15:05:47 | 5b9135adcca3b08a520fa413c6c1657e | 21 / 67 (31.34%)
| 34.117.59.81:443 |
| 2021-12-26 15:05:21 | 0c4047108360e11ecb55d332cad616c4 | 24 / 67 (35.82%)
| 34.117.59.81:443 |
| 2021-07-02 21:51:49 | 8b601e0a802650fcf8be4dfbc44cddfb | 48 / 70 (68.57%)
| 34.117.59.81:443 |
| 2021-07-02 21:51:49 | 8b601e0a802650fcf8be4dfbc44cddfb | 48 / 70 (68.57%)
| 34.117.59.81:443 |
| 2021-07-02 19:57:45 | 73aa0fe90fc58373bfa9cb62db6dbb33 | 52 / 70 (74.29%)
| 34.117.59.81:443 |
| 2021-07-02 19:57:45 | 73aa0fe90fc58373bfa9cb62db6dbb33 | 52 / 70 (74.29%)
| 34.117.59.81:443 |
| 2021-03-25 10:56:13 | e187ac89caac8aa6d4cc2935d871c104 | 43 / 70 (61.43%)
| 173.201.192.129:993 |
| 2021-03-25 10:56:13 | e187ac89caac8aa6d4cc2935d871c104 | 43 / 70 (61.43%)
| 209.91.128.17:993 |
| 2021-03-25 10:56:13 | e187ac89caac8aa6d4cc2935d871c104 | 43 / 70 (61.43%)
| 173.201.192.129:993 |
| 2021-03-25 10:56:13 | e187ac89caac8aa6d4cc2935d871c104 | 43 / 70 (61.43%)
| 209.91.128.17:993 |
| 2021-03-25 05:14:11 | 8a0720e93365c33876a77c94946604be | 35 / 71 (49.30%)
| 17.42.251.32:993 |
| 2021-03-25 05:14:11 | 8a0720e93365c33876a77c94946604be | 35 / 71 (49.30%)
| 17.42.251.32:993 |
| 2021-03-23 23:43:46 | 3de338204ce8f651d942c8192beb5c4d | 39 / 71 (54.93%)
| 77.92.64.117:993 |
| 2021-03-23 23:43:46 | 3de338204ce8f651d942c8192beb5c4d | 39 / 71 (54.93%)
| 77.92.64.117:993 |
| 2021-03-20 02:22:22 | 674b04540b00d9e3efb770c3ca8c0c36 | 44 / 70 (62.86%)
| 67.222.38.67:443 |
| 2021-03-20 02:22:22 | 674b04540b00d9e3efb770c3ca8c0c36 | 44 / 70 (62.86%)
| 67.222.38.67:443 |
| 2021-03-20 01:47:50 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 81.27.85.12:443 |
| 2021-03-20 01:47:50 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 81.27.85.12:443 |
| 2021-03-20 01:47:49 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 172.67.186.177:443 |
| 2021-03-20 01:47:49 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 104.21.68.60:443 |
| 2021-03-20 01:47:49 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 172.67.186.177:443 |
| 2021-03-20 01:47:49 | 8c5421a4e3a2180ff7f92f0d2e03f0b4 | 47 / 70 (67.14%)
| 104.21.68.60:443 |
| 2021-03-19 23:30:56 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 172.67.187.159:443 |
| 2021-03-19 23:30:56 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 172.67.187.159:443 |
| 2021-03-19 23:30:55 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 104.21.92.65:443 |
| 2021-03-19 23:30:55 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 104.21.1.239:443 |
| 2021-03-19 23:30:55 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 104.21.92.65:443 |
| 2021-03-19 23:30:55 | 603a226b92fc654f0c4dd819eafa4377 | 52 / 70 (74.29%)
| 104.21.1.239:443 |
| 2021-03-19 20:55:22 | 06a4103b3c8ab3fffafa7051bde06154 | 46 / 71 (64.79%)
| 3.7.246.28:443 |
| 2021-03-19 20:55:22 | 06a4103b3c8ab3fffafa7051bde06154 | 46 / 71 (64.79%)
| 3.7.246.28:443 |
| 2021-03-19 01:01:00 | 5f7724c74fdf88862490b5c49ad5cfa1 | n/a | 104.21.40.197:443 |
| 2021-03-19 01:01:00 | 5f7724c74fdf88862490b5c49ad5cfa1 | n/a | 104.21.40.197:443 |
| 2021-03-18 16:12:36 | a9b1f17e7e440417e0f1bc35389c86fa | 46 / 70 (65.71%)
| 198.71.233.51:443 |
| 2021-03-18 16:12:36 | a9b1f17e7e440417e0f1bc35389c86fa | 46 / 70 (65.71%)
| 198.71.233.51:443 |
| 2021-03-18 16:12:35 | a9b1f17e7e440417e0f1bc35389c86fa | 46 / 70 (65.71%)
| 92.114.94.46:443 |
| 2021-03-18 16:12:35 | a9b1f17e7e440417e0f1bc35389c86fa | 46 / 70 (65.71%)
| 92.114.94.46:443 |
| 2021-03-18 10:51:27 | a614e96f022bf639e5e8323e4aa91112 | 43 / 71 (60.56%)
| 216.239.34.21:443 |
| 2021-03-18 10:51:27 | a614e96f022bf639e5e8323e4aa91112 | 43 / 71 (60.56%)
| 216.239.36.21:443 |
| 2021-03-18 10:51:27 | a614e96f022bf639e5e8323e4aa91112 | 43 / 71 (60.56%)
| 216.239.34.21:443 |
| 2021-03-18 10:51:27 | a614e96f022bf639e5e8323e4aa91112 | 43 / 71 (60.56%)
| 216.239.36.21:443 |
| 2021-03-18 09:17:01 | a5ab245f477650eb1e758824e2443e01 | 44 / 70 (62.86%)
| 216.239.32.21:443 |
| 2021-03-18 09:17:01 | a5ab245f477650eb1e758824e2443e01 | 44 / 70 (62.86%)
| 216.239.32.21:443 |
| 2021-03-18 08:46:43 | 3b507ce33886076523fe53cc234a60a0 | 40 / 70 (57.14%)
| 216.239.34.21:443 |
| 2021-03-18 08:46:43 | 3b507ce33886076523fe53cc234a60a0 | 40 / 70 (57.14%)
| 216.239.34.21:443 |
| 2021-03-18 08:18:10 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.32.21:443 |
| 2021-03-18 08:18:10 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.32.21:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 31.13.65.36:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.36.21:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.34.21:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 31.13.65.36:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.36.21:443 |
| 2021-03-18 08:18:09 | 72a9e97b147ddebe43085011bafcc7d6 | 33 / 69 (47.83%)
| 216.239.34.21:443 |
| 2021-03-18 08:16:12 | 76690c475b24fa245e4ddf9aeb6a0e18 | n/a | 216.239.32.21:443 |
| 2021-03-18 08:16:12 | 76690c475b24fa245e4ddf9aeb6a0e18 | n/a | 216.239.32.21:443 |
| 2021-03-18 08:14:04 | 27249ddd43bb1f528790fc970c754b50 | n/a | 216.239.34.21:443 |
| 2021-03-18 08:14:04 | 27249ddd43bb1f528790fc970c754b50 | n/a | 216.239.38.21:443 |
| 2021-03-18 08:14:04 | 27249ddd43bb1f528790fc970c754b50 | n/a | 216.239.34.21:443 |
| 2021-03-18 08:14:04 | 27249ddd43bb1f528790fc970c754b50 | n/a | 216.239.38.21:443 |
| 2021-03-18 08:13:38 | 83a2aacd101fa63ab23ed8a7f34769e1 | 32 / 71 (45.07%)
| 216.239.34.21:443 |
| 2021-03-18 08:13:38 | 83a2aacd101fa63ab23ed8a7f34769e1 | 32 / 71 (45.07%)
| 216.239.36.21:443 |
| 2021-03-18 08:13:38 | 83a2aacd101fa63ab23ed8a7f34769e1 | 32 / 71 (45.07%)
| 216.239.34.21:443 |
| 2021-03-18 08:13:38 | 83a2aacd101fa63ab23ed8a7f34769e1 | 32 / 71 (45.07%)
| 216.239.36.21:443 |
| 2021-03-18 08:08:33 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.32.21:443 |
| 2021-03-18 08:08:33 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.32.21:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.38.21:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 104.21.26.13:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.34.21:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.38.21:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 104.21.26.13:443 |
| 2021-03-18 08:08:32 | 803a4abb3bab5db79750934f1382fada | n/a | 216.239.34.21:443 |
| 2021-03-18 08:02:28 | 3dba4b21e16909d8d0bffe03b789f6cd | 50 / 70 (71.43%)
| 216.239.38.21:443 |
| 2021-03-18 08:02:28 | 3dba4b21e16909d8d0bffe03b789f6cd | 50 / 70 (71.43%)
| 216.239.38.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.36.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.34.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.38.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.36.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.34.21:443 |
| 2021-03-18 07:58:15 | 2c507cde6d1b15dbd482bf7d95a6c0fc | n/a | 216.239.38.21:443 |
| 2021-03-18 07:56:52 | 72f7c9b951548f91093e930652016603 | 45 / 73 (61.64%)
| 216.239.36.21:443 |
| 2021-03-18 07:56:52 | 72f7c9b951548f91093e930652016603 | 45 / 73 (61.64%)
| 216.239.36.21:443 |
| 2021-03-18 07:36:38 | 22f6b5aa2b77bc2023b310b439105537 | n/a | 216.239.38.21:443 |
| 2021-03-18 07:36:38 | 22f6b5aa2b77bc2023b310b439105537 | n/a | 216.239.38.21:443 |
| 2021-03-18 07:32:55 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.36.21:443 |
| 2021-03-18 07:32:55 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.38.21:443 |
| 2021-03-18 07:32:55 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.36.21:443 |
| 2021-03-18 07:32:55 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.38.21:443 |
| 2021-03-18 07:32:54 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 31.13.65.36:443 |
| 2021-03-18 07:32:54 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.34.21:443 |
| 2021-03-18 07:32:54 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 31.13.65.36:443 |
| 2021-03-18 07:32:54 | 1bf9fcfb55e364f90fbe96c4443a359a | 49 / 70 (70.00%)
| 216.239.34.21:443 |
| 2021-03-18 07:10:19 | 86edef24222bf5cbb9982f988f8a61b2 | n/a | 216.239.32.21:443 |
| 2021-03-18 07:10:19 | 86edef24222bf5cbb9982f988f8a61b2 | n/a | 216.239.38.21:443 |
| 2021-03-18 07:10:19 | 86edef24222bf5cbb9982f988f8a61b2 | n/a | 216.239.32.21:443 |
| 2021-03-18 07:10:19 | 86edef24222bf5cbb9982f988f8a61b2 | n/a | 216.239.38.21:443 |
# of entries: 100 (max: 100)