JA3 Fingerprints

You can find further information about the JA3 fingerprint f22bdd57e3a52de86cda40da2d84e83b, including the corresponding malware samples as well as the associated botnet C&Cs.

Database Entry


JA3 Fingerprint:f22bdd57e3a52de86cda40da2d84e83b
First seen:2018-03-27 13:40:19 UTC
Last seen:2019-01-20 14:31:39 UTC
Status:Blacklisted
Malware samples:49
Destination IPs:54
Malware:Tofsee -
Listing date:2018-11-14 12:52:32

Malware Samples


The table below documents all malware samples associated with this JA3 Fingerprint.

Timestamp (UTC)Malware Sample (MD5 hash)VTBotnet C&C (IP:port)
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 104.94.8.165:443
2019-01-20 14:31:399e6df0e4d260e0e5bf7f23c150e82a4bVirustotal results 34/71 (47.89%) 2.22.198.202:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11an/a2.22.198.202:443
2019-01-16 17:33:04597dd951d3fbe2706d5f42c8b74ce11an/a104.94.8.165:443
2019-01-13 11:15:369de56070017d8a3f08d96259d3dbc4e9Virustotal results 36/71 (50.70%) 104.75.50.187:443
2019-01-05 19:56:33a26dd9ab29f62033ad37ebc874a20a7cn/a104.75.50.187:443
2019-01-03 14:31:00b8d639ede20ad1a3a48bda71c814b241n/a104.85.53.106:443
2019-01-03 14:30:59b8d639ede20ad1a3a48bda71c814b241n/a23.54.138.82:443
2019-01-02 12:15:358f3f5f3d83c45eb796451535707d1f60n/a23.59.111.67:443
2019-01-02 09:30:536a27b1eaaa1a56377a0a1fd0a14fdd57n/a23.205.178.159:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.205.178.159:443
2018-12-29 01:46:46b27e2573f4fcae368b9104f0912d3edfVirustotal results 45/71 (63.38%) 23.50.104.9:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.132.212:443
2018-12-24 22:19:08424f7b8edf5d150c7a248ad789512bc4Virustotal results 39/69 (56.52%) 2.23.135.191:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03en/a2.18.96.28:443
2018-12-19 20:54:5861f4fa70b33c54bb2e9e049359c3a03en/a2.22.198.202:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.231.131:443
2018-12-16 20:17:5678c050980246f58ecc5dfc373d81c6f8Virustotal results 37/71 (52.11%) 104.81.127.170:443
2018-12-15 23:29:4806ab498eb864a937fc7f0ea4908e0731Virustotal results 37/71 (52.11%) 23.201.251.92:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.230.177:443
2018-12-14 09:21:387333b72192bc9a0abba2a76755734d1bVirustotal results 29/71 (40.85%) 104.111.234.53:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5n/a104.81.127.170:443
2018-12-13 23:56:198bb5bd6750d9a98e2eab9665dc0907b5n/a92.123.8.53:443
2018-12-13 20:12:454b2405676f726333a5ad5754ae3af6b4Virustotal results 36/68 (52.94%) 23.205.178.159:443
2018-12-10 23:44:03dac816d1c7b4ac33bc491a2c26ef83c2n/a2.23.132.109:443
2018-12-09 00:59:4399baca5d78a6427843dba64a5fc0c083Virustotal results 39/71 (54.93%) 23.59.117.178:443
2018-12-05 06:15:27f0a3e4eca113df7d09bbff6c3678ff27Virustotal results 35/69 (50.72%) 23.205.178.159:443
2018-12-03 10:27:382859f008ada0a06ef6a1f635730c35f1Virustotal results 37/70 (52.86%) 23.38.44.138:443
2018-11-30 04:59:53f103fceb4d81aa1ff904dcd8a28fcc04Virustotal results 34/68 (50.00%) 2.18.129.131:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 104.85.25.101:443
2018-11-24 11:53:37526d0aa2e3d2980f6f66c4dd4106c8c5Virustotal results 41/70 (58.57%) 2.18.129.131:443
2018-11-09 10:12:24c7e1418d01f4a26fe2bfd83b89cc09e9Virustotal results 19/68 (27.94%) 23.59.122.38:443
2018-09-29 21:34:516116c30f592d774fef78a6d8af0f4144n/a104.94.193.129:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 23.67.129.182:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.217.228:443
2018-09-29 00:05:580a64b4c09ae8c9cff8c121e45f289e19Virustotal results 14/67 (20.90%) 104.111.218.235:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 172.227.99.140:443
2018-09-26 07:58:16eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.239.173:443
2018-09-26 07:58:15eea858eed2b3cfd177a9611bb00d1fceVirustotal results 28/65 (43.08%) 2.17.227.183:443
2018-09-23 06:47:085652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.85.24.196:443
2018-09-23 06:47:055652220f6a75f7f7dee8dfe8a8d93ff8Virustotal results 17/67 (25.37%) 104.94.193.129:443
2018-09-13 19:07:34d043bc03969b9cf0f7813a86b5c8a941n/a184.50.163.183:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 95.100.134.165:443
2018-09-12 15:48:17bc7a3c5657467dad62c314d63cc2ae99Virustotal results 37/68 (54.41%) 23.206.82.189:443
2018-09-09 11:09:0664d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.45.73.193:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 88.221.187.62:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.206.82.189:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.129.182:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 2.19.47.176:443
2018-09-09 11:09:0564d13e032f252652e296bea16c0afb70Virustotal results 20/68 (29.41%) 23.67.131.183:443
2018-08-30 20:07:09cfe5ff15b6f6a375ab796edb90dc17e5Virustotal results 20/67 (29.85%) 92.122.27.246:443
2018-08-30 20:07:07cfe5ff15b6f6a375ab796edb90dc17e5Virustotal results 20/67 (29.85%) 2.22.155.130:443
2018-08-30 20:07:07cfe5ff15b6f6a375ab796edb90dc17e5Virustotal results 20/67 (29.85%) 96.7.53.2:443
2018-08-30 20:07:06cfe5ff15b6f6a375ab796edb90dc17e5Virustotal results 20/67 (29.85%) 2.19.77.81:443
2018-07-16 19:55:255a090506422531ad0e82901fb9ed381fVirustotal results 40/64 (62.50%) 2.23.143.113:443
2018-07-12 09:36:2916df902cc782430b698e0bed279e491eVirustotal results 37/68 (54.41%) 2.17.227.183:443
2018-07-11 09:35:061f58e92e4a3086ea4e7a108a5399c6c4Virustotal results 47/64 (73.44%) 96.7.53.2:443
2018-07-11 09:35:061f58e92e4a3086ea4e7a108a5399c6c4Virustotal results 47/64 (73.44%) 2.19.77.81:443
2018-07-11 08:23:51c3c56f86ad8f886f381d7f3a6ed49a40Virustotal results 46/66 (69.70%) 2.22.155.130:443
2018-07-02 20:45:32514f73ff5aca6bda76b071f6a908df1fVirustotal results 20/64 (31.25%) 23.205.85.18:443
2018-07-02 20:45:32514f73ff5aca6bda76b071f6a908df1fVirustotal results 20/64 (31.25%) 23.54.138.77:443
2018-07-02 20:45:32514f73ff5aca6bda76b071f6a908df1fVirustotal results 20/64 (31.25%) 104.94.3.17:443
2018-06-29 08:55:497a2914feb0d5a487f3a3f05fda79cf59Virustotal results 4/68 (5.88%) 2.19.77.81:443
2018-06-29 05:42:0192eaaab94bff559cac48bbe8f16770e2Virustotal results 37/64 (57.81%) 2.19.77.81:443
2018-06-28 09:38:2416a6a3264fdfbb8748165bbbae800ef0Virustotal results 14/68 (20.59%) 23.200.134.125:443
2018-06-28 09:38:2416a6a3264fdfbb8748165bbbae800ef0Virustotal results 14/68 (20.59%) 23.205.85.18:443
2018-06-28 09:38:2416a6a3264fdfbb8748165bbbae800ef0Virustotal results 14/68 (20.59%) 23.54.138.77:443
2018-06-28 00:12:39735300e6d74aee8cd4645a72a8310e63Virustotal results 15/69 (21.74%) 2.23.143.113:443
2018-06-24 19:33:05b615ff689101509b760415b534294205Virustotal results 13/68 (19.12%) 96.7.53.2:443
2018-06-24 19:33:05b615ff689101509b760415b534294205Virustotal results 13/68 (19.12%) 2.19.77.81:443
2018-06-20 13:45:460d95faff19b2d25384a420a5a2963b64Virustotal results 15/65 (23.08%) 92.122.65.18:443
2018-06-14 16:48:31533d2f82043f73c0def377ebc2240b8eVirustotal results 42/68 (61.76%) 23.14.8.61:443
2018-06-13 00:36:0978a8905672e1ce08e0bde783701837c7Virustotal results 20/66 (30.30%) 2.17.227.183:443
2018-06-07 15:08:04e4dc03171de9820704f39c606a41bc16Virustotal results 35/68 (51.47%) 188.42.196.67:443
2018-06-07 15:08:04e4dc03171de9820704f39c606a41bc16Virustotal results 35/68 (51.47%) 188.42.133.156:443
2018-06-07 15:08:04e4dc03171de9820704f39c606a41bc16Virustotal results 35/68 (51.47%) 104.96.29.204:443
2018-06-03 09:46:18d6651dfa3f02270bc93cc3c1f6918d17Virustotal results 18/66 (27.27%) 23.43.118.83:443
2018-04-14 10:24:529bdb2df1bb59a94ed0c5e15785d72336Virustotal results 45/67 (67.16%) 91.235.140.148:443
2018-04-13 19:19:062cea4eae8b406d61bcc4ee0a8ec15b30Virustotal results 20/67 (29.85%) 91.235.140.148:443
2018-04-10 00:22:102cbe26285ee16335ac4f0d16e35a9307Virustotal results 48/67 (71.64%) 91.235.140.148:443
2018-03-27 13:40:198e314be9bd2b7143eaca23b25f07759dVirustotal results 49/67 (73.13%) 91.235.140.148:443

# of entries: 81 (max: 100)