JA3 Fingerprints
You can find further information about the JA3 fingerprint fd80fa9c6120cdeea8520510f3c644ac, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | fd80fa9c6120cdeea8520510f3c644ac |
|---|---|
| First seen: | 2018-03-11 09:34:30 UTC |
| Last seen: | 2020-09-21 19:38:47 UTC |
| Status: | Blacklisted |
| Malware samples: | 1'547 |
| Destination IPs: | 188 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-09-21 19:38:47 | 46ec0c1f30ee89e794fb7a76328fa10b |  35 / 68 (51.47%)
| 172.67.131.206:443 |
| 2020-09-21 19:38:47 | 46ec0c1f30ee89e794fb7a76328fa10b | 35 / 68 (51.47%)
| 104.28.14.61:443 |
| 2020-09-21 18:14:26 | 044f4900ffbf25976d71e26058098e60 | 37 / 69 (53.62%)
| 104.28.14.61:443 |
| 2020-09-21 14:28:29 | ebe349de6e2b0d438457369f8cbb0963 | 41 / 67 (61.19%)
| 104.28.15.61:443 |
| 2020-09-21 14:28:29 | ebe349de6e2b0d438457369f8cbb0963 | 41 / 67 (61.19%)
| 104.28.14.61:443 |
| 2020-09-21 12:30:27 | e58849a448ab9f4a2ec5aa99879de328 | 39 / 68 (57.35%)
| 104.28.5.155:443 |
| 2020-09-21 10:59:28 | d88c3048627f106eb0f0a039b628c2db | 39 / 67 (58.21%)
| 104.28.14.61:443 |
| 2020-09-21 10:59:28 | d88c3048627f106eb0f0a039b628c2db | 39 / 67 (58.21%)
| 172.67.131.206:443 |
| 2020-09-21 10:26:52 | d9750a487b4826c186875fc9f08d900b | n/a | 172.67.131.206:443 |
| 2020-09-20 18:42:00 | b14c0f872093af543c5e2ae9b42309ec | 39 / 68 (57.35%)
| 172.67.166.95:443 |
| 2020-09-20 18:42:00 | b14c0f872093af543c5e2ae9b42309ec | 39 / 68 (57.35%)
| 104.31.82.224:443 |
| 2020-09-20 17:44:39 | b015158de2eba7aaff698f33653be68b | 34 / 67 (50.75%)
| 172.67.166.95:443 |
| 2020-09-20 17:44:39 | b015158de2eba7aaff698f33653be68b | 34 / 67 (50.75%)
| 104.31.82.224:443 |
| 2020-09-20 17:04:45 | af5ea1351b5e9c1865ad47a5da281cf7 | 38 / 66 (57.58%)
| 172.67.166.95:443 |
| 2020-09-20 17:04:45 | af5ea1351b5e9c1865ad47a5da281cf7 | 38 / 66 (57.58%)
| 104.31.82.224:443 |
| 2020-09-20 11:35:14 | 5ec5ea2dba0b37fb6bb6d5825d16aa66 | n/a | 104.28.14.61:443 |
| 2020-09-20 01:34:46 | 0861d59bb20f2a4f576b733fa47186cc | n/a | 104.28.15.61:443 |
| 2020-09-20 01:34:46 | 0861d59bb20f2a4f576b733fa47186cc | n/a | 172.67.131.206:443 |
| 2020-09-19 07:02:52 | 8d0cbe2e0642eeaf7ce8b87802a36d0c | 38 / 68 (55.88%)
| 172.67.131.206:443 |
| 2020-09-18 02:06:45 | 4166eee9d63e6074c0ab40751b2bcd14 | 48 / 73 (65.75%)
| 172.67.186.6:443 |
| 2020-09-17 22:01:41 | 1bfcc010bf5b44540df1302956384287 | n/a | 172.67.131.206:443 |
| 2020-09-17 22:01:41 | 1bfcc010bf5b44540df1302956384287 | n/a | 104.28.15.61:443 |
| 2020-09-15 22:39:18 | 8d787dcde3fb7d0171a82a02faf2403c | n/a | 172.67.131.179:443 |
| 2020-09-15 20:45:38 | 5ae13033bddacf60cfb4e218f94d375a | n/a | 172.67.131.206:443 |
| 2020-09-15 20:45:38 | 5ae13033bddacf60cfb4e218f94d375a | n/a | 104.28.15.61:443 |
| 2020-09-15 20:02:41 | 3dc5cb2dc20b49eeeae32e503558f82a | 48 / 72 (66.67%)
| 104.28.15.61:443 |
| 2020-09-15 12:42:40 | af92107c0bec40d72c844ac36d3a6218 | 50 / 73 (68.49%)
| 172.67.186.6:443 |
| 2020-09-15 12:42:40 | af92107c0bec40d72c844ac36d3a6218 | 50 / 73 (68.49%)
| 104.28.5.155:443 |
| 2020-09-15 06:57:06 | a5def18a1bf038c9d8a8ac14dfba1289 | 38 / 68 (55.88%)
| 172.67.131.206:443 |
| 2020-09-15 06:03:29 | a5cd96f72de299e0baad99b3d6d9da69 | 44 / 67 (65.67%)
| 104.28.15.61:443 |
| 2020-09-15 02:25:48 | a046e708ca988ca9b60b8ee0ecbcc050 | 37 / 68 (54.41%)
| 104.31.82.224:443 |
| 2020-09-14 16:52:02 | b3a14cf094347817261ad52497dd05c0 | 46 / 69 (66.67%)
| 172.67.131.206:443 |
| 2020-09-14 16:52:02 | b3a14cf094347817261ad52497dd05c0 | 46 / 69 (66.67%)
| 104.28.15.61:443 |
| 2020-09-14 16:02:41 | b3338f2ec211cfc04f759321fe2fc5a4 | 40 / 68 (58.82%)
| 172.67.166.95:443 |
| 2020-09-13 19:28:23 | 5b5c8afae70da58af6fe6f3efc60069d | 40 / 72 (55.56%)
| 104.28.14.61:443 |
| 2020-09-13 15:19:53 | b529dfed785587c32e06d075c8b54d80 | 40 / 67 (59.70%)
| 104.31.82.224:443 |
| 2020-09-13 15:19:53 | b529dfed785587c32e06d075c8b54d80 | 40 / 67 (59.70%)
| 104.31.83.224:443 |
| 2020-09-13 15:18:48 | b5a42b10b67d00fe37fb81c7d4a150ae | 43 / 69 (62.32%)
| 104.31.68.84:443 |
| 2020-09-13 11:18:19 | b3cce3b6832f85c47579e8df3397daac | 29 / 67 (43.28%)
| 104.31.82.224:443 |
| 2020-09-13 11:18:19 | b3cce3b6832f85c47579e8df3397daac | 29 / 67 (43.28%)
| 104.31.83.224:443 |
| 2020-09-13 01:57:22 | a653cbc71628f2dbc348ef3c3bd7dbf9 | 37 / 67 (55.22%)
| 172.67.166.95:443 |
| 2020-09-13 01:57:22 | a653cbc71628f2dbc348ef3c3bd7dbf9 | 37 / 67 (55.22%)
| 104.31.83.224:443 |
| 2020-09-12 23:27:59 | a279f72f7848b40124b0e6191fc0a1a9 | n/a | 172.67.131.179:443 |
| 2020-09-12 23:27:59 | a279f72f7848b40124b0e6191fc0a1a9 | n/a | 104.28.24.59:443 |
| 2020-09-12 20:53:21 | 75467bcfcd556881a345e6c42843db8f | 51 / 68 (75.00%)
| 104.28.15.61:443 |
| 2020-09-12 20:53:20 | 75467bcfcd556881a345e6c42843db8f | 51 / 68 (75.00%)
| 104.28.14.61:443 |
| 2020-09-12 13:10:49 | aea01e32a0bcbc95d7118428a4cb046c | n/a | 104.31.82.224:443 |
| 2020-09-12 13:10:49 | aea01e32a0bcbc95d7118428a4cb046c | n/a | 172.67.166.95:443 |
| 2020-09-12 12:44:29 | ae553c41bf76b3db817574d3e1c7e9d3 | 37 / 68 (54.41%)
| 172.67.166.95:443 |
| 2020-09-12 12:09:41 | adac2a430d256bec79c54c53fa4e6944 | n/a | 31.13.64.35:443 |
| 2020-09-12 12:09:41 | adac2a430d256bec79c54c53fa4e6944 | n/a | 157.240.201.35:443 |
| 2020-09-11 23:06:46 | a3d6f73fd58a3fc488d3e030aa22254a | 40 / 68 (58.82%)
| 172.67.166.95:443 |
| 2020-09-11 23:06:46 | a3d6f73fd58a3fc488d3e030aa22254a | 40 / 68 (58.82%)
| 104.31.83.224:443 |
| 2020-09-11 21:46:05 | a2df929b2669d329ec38779126947948 | 34 / 67 (50.75%)
| 104.31.83.224:443 |
| 2020-09-11 21:33:21 | a2aaf3703018b528068c409788f893d2 | 37 / 68 (54.41%)
| 104.31.82.224:443 |
| 2020-09-11 21:33:21 | a2aaf3703018b528068c409788f893d2 | 37 / 68 (54.41%)
| 172.67.166.95:443 |
| 2020-09-11 17:53:05 | a027f47fe8ca77189aa8f81294356da1 | 40 / 67 (59.70%)
| 104.31.83.224:443 |
| 2020-09-11 17:53:05 | a027f47fe8ca77189aa8f81294356da1 | 40 / 67 (59.70%)
| 172.67.166.95:443 |
| 2020-09-11 14:47:16 | 28e28390ab98c17498d3cb2d8df9509a | 53 / 69 (76.81%)
| 104.28.15.61:443 |
| 2020-09-11 14:47:16 | 28e28390ab98c17498d3cb2d8df9509a | 53 / 69 (76.81%)
| 172.67.131.206:443 |
| 2020-09-10 17:24:33 | 39d2e6cc58aba0f1751cd907bf34a974 | 42 / 70 (60.00%)
| 104.28.14.61:443 |
| 2020-09-10 08:16:21 | a66a7660e4d70c36c486901e3b021890 | 22 / 67 (32.84%)
| 172.67.205.170:443 |
| 2020-09-10 08:16:21 | a66a7660e4d70c36c486901e3b021890 | 22 / 67 (32.84%)
| 104.31.69.84:443 |
| 2020-09-10 05:49:06 | a4b448d34601489a514eb7089c635944 | 47 / 68 (69.12%)
| 104.31.83.224:443 |
| 2020-09-09 22:25:18 | 9b3d64e02f9c65efab97853578aca3ec | 49 / 72 (68.06%)
| 172.67.131.206:443 |
| 2020-09-09 22:25:17 | 9b3d64e02f9c65efab97853578aca3ec | 49 / 72 (68.06%)
| 104.28.14.61:443 |
| 2020-09-09 03:38:48 | c577d50acfd98d5efb2a466f407bf940 | n/a | 104.28.15.61:443 |
| 2020-09-08 21:15:34 | 4d6be20dc576502f8ca9abc6a03fbe59 | 45 / 69 (65.22%)
| 104.28.14.61:443 |
| 2020-09-08 19:45:52 | 2c7e978c79e85b12b79d689cb56969f3 | n/a | 211.239.158.38:443 |
| 2020-09-08 19:45:52 | 2c7e978c79e85b12b79d689cb56969f3 | n/a | 211.239.158.60:443 |
| 2020-09-08 19:45:52 | 2c7e978c79e85b12b79d689cb56969f3 | n/a | 211.239.158.61:443 |
| 2020-09-08 08:31:29 | b1786b223383c0fcd3abad0f9e13ae65 | 47 / 70 (67.14%)
| 172.67.205.170:443 |
| 2020-09-08 08:31:29 | b1786b223383c0fcd3abad0f9e13ae65 | 47 / 70 (67.14%)
| 104.28.15.61:443 |
| 2020-09-07 22:48:24 | 6a91f2d36188314363f38834d8eb8487 | n/a | 104.28.5.155:443 |
| 2020-09-07 19:32:37 | 039f744c1f8541f524156944a8963295 | n/a | 104.28.15.61:443 |
| 2020-09-07 19:32:37 | 039f744c1f8541f524156944a8963295 | n/a | 172.67.131.206:443 |
| 2020-09-07 17:40:27 | ab3f50adbde97643cc6b780786165dae | 38 / 68 (55.88%)
| 172.67.205.170:443 |
| 2020-09-07 17:40:27 | ab3f50adbde97643cc6b780786165dae | 38 / 68 (55.88%)
| 104.31.68.84:443 |
| 2020-09-07 06:26:39 | a27508ce514980fae01e838ce376ba00 | 39 / 66 (59.09%)
| 172.67.205.170:443 |
| 2020-09-07 06:26:39 | a27508ce514980fae01e838ce376ba00 | 39 / 66 (59.09%)
| 104.31.68.84:443 |
| 2020-09-06 20:33:22 | 5dc2b5b4dcc42f1a7d9de97f342aaefd | 38 / 70 (54.29%)
| 104.28.15.61:443 |
| 2020-09-06 20:33:22 | 5dc2b5b4dcc42f1a7d9de97f342aaefd | 38 / 70 (54.29%)
| 104.28.14.61:443 |
| 2020-09-06 17:38:36 | 13b054dfc9773428312af1b750ccca45 | n/a | 172.67.131.206:443 |
| 2020-09-06 17:38:36 | 13b054dfc9773428312af1b750ccca45 | n/a | 104.28.15.61:443 |
| 2020-09-06 16:03:21 | 4264f13def92aa861c0ac3b82a508308 | 0 / 66 (0.00%)
| 104.26.10.124:443 |
| 2020-09-06 15:17:46 | 36f3bb2aeabf8f5ea1c8efc4762a4ef8 | n/a | 172.67.131.206:443 |
| 2020-09-06 15:17:46 | 36f3bb2aeabf8f5ea1c8efc4762a4ef8 | n/a | 104.28.15.61:443 |
| 2020-09-06 14:45:08 | 2fb0b62c98a09474b34f5ffe0c085476 | n/a | 104.28.14.61:443 |
| 2020-09-06 14:45:08 | 2fb0b62c98a09474b34f5ffe0c085476 | n/a | 172.67.131.206:443 |
| 2020-09-02 21:09:31 | 397cd413db910fecfe662d4c1e210dc9 | n/a | 172.67.131.179:443 |
| 2020-09-02 16:20:21 | b7f734eb4fc651438db81f185cd7e1ee | 28 / 67 (41.79%)
| 104.31.69.84:443 |
| 2020-09-02 16:20:21 | b7f734eb4fc651438db81f185cd7e1ee | 28 / 67 (41.79%)
| 104.31.68.84:443 |
| 2020-09-02 00:59:57 | 9956fce3550b02955b181c7538b394dc | 44 / 67 (65.67%)
| 172.67.131.206:443 |
| 2020-09-02 00:59:57 | 9956fce3550b02955b181c7538b394dc | 44 / 67 (65.67%)
| 104.28.14.61:443 |
| 2020-09-01 22:11:22 | 3bf118f650e2fce6c03c8d2bd0768610 | 36 / 69 (52.17%)
| 104.28.14.61:443 |
| 2020-09-01 22:11:22 | 3bf118f650e2fce6c03c8d2bd0768610 | 36 / 69 (52.17%)
| 104.28.15.61:443 |
| 2020-09-01 20:48:59 | 1ae8ed38b59f3455535264459b03f45c | n/a | 104.28.15.61:443 |
| 2020-09-01 20:48:59 | 1ae8ed38b59f3455535264459b03f45c | n/a | 104.28.14.61:443 |
| 2020-09-01 20:41:20 | 160149d6a4844f59a737c30fa83fead4 | n/a | 104.28.14.61:443 |
| 2020-09-01 13:04:00 | b319e11aff9cdc2678e0fdb1761db742 | 43 / 67 (64.18%)
| 172.67.131.206:443 |
# of entries: 100 (max: 100)