JA3 Fingerprints

You can find further information about the JA3 fingerprint f22bdd57e3a52de86cda40da2d84e83b, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:f22bdd57e3a52de86cda40da2d84e83b
First seen:2018-03-27 13:40:19 UTC
Last seen:2019-01-20 14:31:39 UTC
Status:Blacklisted
Malware samples:49
Destination IPs:54
Malware:Tofsee -
Listing date:2018-11-14 12:52:32

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 2.22.198.202:443
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 104.94.8.165:443
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 2.22.198.202:443
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 104.94.8.165:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11aVirustotal results 50/66 (75.76%) 104.94.8.165:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11aVirustotal results 50/66 (75.76%) 2.22.198.202:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11aVirustotal results 50/66 (75.76%) 104.94.8.165:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11aVirustotal results 50/66 (75.76%) 2.22.198.202:443
2019-01-13 11:15:369de56070017d8a3f08d96259d3dbc4e9Virustotal results 36/71 (50.70%) 104.75.50.187:443
2019-01-13 11:15:369de56070017d8a3f08d96259d3dbc4e9Virustotal results 36/71 (50.70%) 104.75.50.187:443
2019-01-05 19:56:33a26dd9ab29f62033ad37ebc874a20a7cVirustotal results 48/71 (67.61%) 104.75.50.187:443
2019-01-05 19:56:33a26dd9ab29f62033ad37ebc874a20a7cVirustotal results 48/71 (67.61%) 104.75.50.187:443
2019-01-03 14:31:00b8d639ede20ad1a3a48bda71c814b241Virustotal results 40/69 (57.97%) 104.85.53.106:443
2019-01-03 14:31:00b8d639ede20ad1a3a48bda71c814b241Virustotal results 40/69 (57.97%) 104.85.53.106:443
2019-01-03 14:30:59b8d639ede20ad1a3a48bda71c814b241Virustotal results 40/69 (57.97%) 23.54.138.82:443
2019-01-03 14:30:59b8d639ede20ad1a3a48bda71c814b241Virustotal results 40/69 (57.97%) 23.54.138.82:443
2019-01-02 12:15:358f3f5f3d83c45eb796451535707d1f60Virustotal results 37/68 (54.41%) 23.59.111.67:443
2019-01-02 12:15:358f3f5f3d83c45eb796451535707d1f60Virustotal results 37/68 (54.41%) 23.59.111.67:443
2019-01-02 09:30:536a27b1eaaa1a56377a0a1fd0a14fdd57Virustotal results 36/69 (52.17%) 23.205.178.159:443
2019-01-02 09:30:536a27b1eaaa1a56377a0a1fd0a14fdd57Virustotal results 36/69 (52.17%) 23.205.178.159:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.50.104.9:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.205.178.159:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.50.104.9:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.205.178.159:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.135.191:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.132.212:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.135.191:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.132.212:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03eVirustotal results 45/70 (64.29%) 2.22.198.202:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03eVirustotal results 45/70 (64.29%) 2.18.96.28:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03eVirustotal results 45/70 (64.29%) 2.22.198.202:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03eVirustotal results 45/70 (64.29%) 2.18.96.28:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.127.170:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.231.131:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.127.170:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.231.131:443
2018-12-15 23:29:4806ab498eb864a937fc7f0ea4908e0731Virustotal results 37/71 (52.11%) 23.201.251.92:443
2018-12-15 23:29:4806ab498eb864a937fc7f0ea4908e0731Virustotal results 37/71 (52.11%) 23.201.251.92:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.234.53:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.230.177:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.234.53:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.230.177:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5Virustotal results 41/70 (58.57%) 92.123.8.53:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5Virustotal results 41/70 (58.57%) 104.81.127.170:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5Virustotal results 41/70 (58.57%) 92.123.8.53:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5Virustotal results 41/70 (58.57%) 104.81.127.170:443
2018-12-13 20:12:454b2405676f726333a5ad5754ae3af6b4Virustotal results 36/68 (52.94%) 23.205.178.159:443
2018-12-13 20:12:454b2405676f726333a5ad5754ae3af6b4Virustotal results 36/68 (52.94%) 23.205.178.159:443
2018-12-10 23:44:03dac816d1c7b4ac33bc491a2c26ef83c2Virustotal results 41/69 (59.42%) 2.23.132.109:443
2018-12-10 23:44:03dac816d1c7b4ac33bc491a2c26ef83c2Virustotal results 41/69 (59.42%) 2.23.132.109:443
2018-12-09 00:59:4399baca5d78a6427843dba64a5fc0c083Virustotal results 39/71 (54.93%) 23.59.117.178:443
2018-12-09 00:59:4399baca5d78a6427843dba64a5fc0c083Virustotal results 39/71 (54.93%) 23.59.117.178:443
2018-12-05 06:15:27f0a3e4eca113df7d09bbff6c3678ff27Virustotal results 35/69 (50.72%) 23.205.178.159:443
2018-12-05 06:15:27f0a3e4eca113df7d09bbff6c3678ff27Virustotal results 35/69 (50.72%) 23.205.178.159:443
2018-12-03 10:27:382859f008ada0a06ef6a1f635730c35f1Virustotal results 37/70 (52.86%) 23.38.44.138:443
2018-12-03 10:27:382859f008ada0a06ef6a1f635730c35f1Virustotal results 37/70 (52.86%) 23.38.44.138:443
2018-11-30 04:59:53f103fceb4d81aa1ff904dcd8a28fcc04Virustotal results 34/68 (50.00%) 2.18.129.131:443
2018-11-30 04:59:53f103fceb4d81aa1ff904dcd8a28fcc04Virustotal results 34/68 (50.00%) 2.18.129.131:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 104.85.25.101:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 2.18.129.131:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 104.85.25.101:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 2.18.129.131:443
2018-11-09 10:12:24c7e1418d01f4a26fe2bfd83b89cc09e9Virustotal results 19/68 (27.94%) 23.59.122.38:443
2018-11-09 10:12:24c7e1418d01f4a26fe2bfd83b89cc09e9Virustotal results 19/68 (27.94%) 23.59.122.38:443
2018-09-29 21:34:516116c30f592d774fef78a6d8af0f4144Virustotal results 35/69 (50.72%) 104.94.193.129:443
2018-09-29 21:34:516116c30f592d774fef78a6d8af0f4144Virustotal results 35/69 (50.72%) 104.94.193.129:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.218.235:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.217.228:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 23.67.129.182:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.218.235:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.217.228:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 23.67.129.182:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.239.173:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 172.227.99.140:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.239.173:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 172.227.99.140:443
2018-09-26 07:58:15eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.227.183:443
2018-09-26 07:58:15eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.227.183:443
2018-09-23 06:47:085652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.85.24.196:443
2018-09-23 06:47:085652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.85.24.196:443
2018-09-23 06:47:055652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.94.193.129:443
2018-09-23 06:47:055652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.94.193.129:443
2018-09-13 19:07:34d043bc03969b9cf0f7813a86b5c8a941Virustotal results 36/68 (52.94%) 184.50.163.183:443
2018-09-13 19:07:34d043bc03969b9cf0f7813a86b5c8a941Virustotal results 36/68 (52.94%) 184.50.163.183:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 23.206.82.189:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 95.100.134.165:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 23.206.82.189:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 95.100.134.165:443
2018-09-09 11:09:0664d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.45.73.193:443
2018-09-09 11:09:0664d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.45.73.193:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.131.183:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 2.19.47.176:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.129.182:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.206.82.189:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 88.221.187.62:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.131.183:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 2.19.47.176:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.129.182:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.206.82.189:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 88.221.187.62:443

# of entries: 100 (max: 100)