JA3 Fingerprints
You can find further information about the JA3 fingerprint fd80fa9c6120cdeea8520510f3c644ac, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | fd80fa9c6120cdeea8520510f3c644ac |
|---|---|
| First seen: | 2018-03-11 09:34:30 UTC |
| Last seen: | 2019-02-12 17:41:33 UTC |
| Status: | Blacklisted |
| Malware samples: | 406 |
| Destination IPs: | 48 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2019-02-12 17:41:33 | 2ca992d43dc292368b9b37ce9e9cb032 |  40/71 (56.34%)
| 104.18.46.159:443 |
| 2018-11-29 13:40:25 | ebbc767e8d1540a8614e05da97a398f7 | 33/70 (47.14%)
| 104.20.208.21:443 |
| 2018-11-22 16:18:20 | a3f0d4f18f1b20f8931f07a2658edcf7 | 34/67 (50.75%)
| 104.36.193.133:443 |
| 2018-11-22 16:18:17 | a3f0d4f18f1b20f8931f07a2658edcf7 | 34/67 (50.75%)
| 104.36.192.249:443 |
| 2018-11-20 23:29:14 | 83a40a0417d7bc1addec11945d4f4acb | 36/65 (55.38%)
| 104.36.192.191:443 |
| 2018-11-20 23:29:13 | 83a40a0417d7bc1addec11945d4f4acb | 36/65 (55.38%)
| 104.36.192.215:443 |
| 2018-11-20 05:30:33 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.221:443 |
| 2018-11-20 05:30:30 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.225:443 |
| 2018-11-20 05:30:30 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.195.139:443 |
| 2018-11-20 05:30:28 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.138:443 |
| 2018-11-18 09:28:47 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.194.202:443 |
| 2018-11-18 09:28:45 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.192.246:443 |
| 2018-11-18 09:28:44 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.194.173:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 159.53.224.16:443 |
| 2018-07-29 18:56:24 | d040f181a80d68fa1c4f743f8982a0de | 28/68 (41.18%)
| 159.53.224.16:443 |
| 2018-07-28 01:26:02 | 3c5fbdb5a263876d9482d1c4adc5d204 | 12/68 (17.65%)
| 159.53.85.79:443 |
| 2018-07-28 01:26:02 | 3c5fbdb5a263876d9482d1c4adc5d204 | 12/68 (17.65%)
| 159.53.113.224:443 |
| 2018-07-24 01:04:58 | bb1ef3cfc6ed06a5467abb5ab0543566 | 29/67 (43.28%)
| 159.53.224.16:443 |
| 2018-07-20 19:40:27 | 97eb18c3777a68e1bb5306391669f27f | 43/68 (63.24%)
| 159.53.224.16:443 |
| 2018-06-28 00:12:39 | 735300e6d74aee8cd4645a72a8310e63 | 15/69 (21.74%)
| 13.81.65.66:443 |
| 2018-06-14 16:48:31 | 533d2f82043f73c0def377ebc2240b8e | 42/68 (61.76%)
| 13.81.65.66:443 |
| 2018-06-13 00:36:09 | 78a8905672e1ce08e0bde783701837c7 | 20/66 (30.30%)
| 13.93.161.37:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 13.81.65.66:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.98:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.102:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 2.16.124.231:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.84.131:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.62.96:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 91.190.217.145:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.64:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.82:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.100:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 104.20.15.146:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 52.138.209.16:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.66:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 104.20.14.146:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 185.89.12.132:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.96:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.52.227:443 |
| 2018-06-03 16:30:09 | 5b922aaac0ee75c06fb8ec3c7498296b | 13/65 (20.00%)
| 13.81.65.66:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 13.81.65.66:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 91.190.217.145:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 131.253.61.96:443 |
| 2018-06-03 09:46:18 | d6651dfa3f02270bc93cc3c1f6918d17 | 18/66 (27.27%)
| 13.81.65.66:443 |
| 2018-06-03 09:44:16 | a0d0807e8f6e34b7c262652dcb626138 | 13/66 (19.70%)
| 13.81.65.66:443 |
| 2018-06-03 02:18:07 | 0a6d5427970d2a9ac51dcace66cb56a2 | 22/66 (33.33%)
| 13.93.161.37:443 |
| 2018-06-01 20:03:00 | 7ec3ad772c87bd04c113459469c75f6f | 45/67 (67.16%)
| 13.81.65.66:443 |
| 2018-05-31 20:24:44 | c107290225c7a938b78fb6c9b9cf6b96 | 40/67 (59.70%)
| 13.81.65.66:443 |
| 2018-05-31 16:16:57 | 4419de9cd68502b91acb38214ea4e411 | 35/66 (53.03%)
| 13.93.161.37:443 |
| 2018-05-30 20:14:45 | c8e5a6f0366801b54f4db6b15929222e | 13/65 (20.00%)
| 13.81.65.66:443 |
| 2018-05-30 04:55:18 | ee18fade361542966b4691f15fa528d7 | 43/66 (65.15%)
| 91.190.217.145:443 |
| 2018-05-30 04:55:18 | ee18fade361542966b4691f15fa528d7 | 43/66 (65.15%)
| 13.81.65.66:443 |
| 2018-05-29 23:01:50 | 59b8b09e8def0644b0c03c394796c4b4 | 28/64 (43.75%)
| 13.81.65.66:443 |
| 2018-05-29 07:13:39 | ec5594f16d9f4eef0688e974db48b515 | 42/64 (65.62%)
| 13.81.65.66:443 |
| 2018-05-29 07:13:39 | ec5594f16d9f4eef0688e974db48b515 | 42/64 (65.62%)
| 91.190.217.145:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 91.190.217.145:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 131.253.61.66:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 131.253.61.98:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 104.20.14.146:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 185.89.12.132:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 13.81.65.66:443 |
| 2018-05-28 07:57:46 | c4e43db8e4974f53ed12418727323904 | 20/66 (30.30%)
| 52.138.209.16:443 |
| 2018-05-27 16:49:29 | 776195c2c1b308a058b81eceed594120 | 48/66 (72.73%)
| 13.81.65.66:443 |
| 2018-05-27 16:49:29 | 776195c2c1b308a058b81eceed594120 | 48/66 (72.73%)
| 52.138.209.16:443 |
| 2018-05-26 17:51:00 | 6fefeca48f284c1611265187b1c0436e | 30/66 (45.45%)
| 13.81.65.66:443 |
| 2018-05-26 17:10:13 | fbb3b6da55833f4d15d902790d577588 | 45/66 (68.18%)
| 13.81.65.66:443 |
| 2018-05-26 02:09:55 | d692058bdbdebeddbb1f76cc1c78396a | 18/66 (27.27%)
| 13.81.65.66:443 |
| 2018-05-26 02:09:55 | d692058bdbdebeddbb1f76cc1c78396a | 18/66 (27.27%)
| 52.138.209.16:443 |
| 2018-05-26 02:09:55 | d692058bdbdebeddbb1f76cc1c78396a | 18/66 (27.27%)
| 91.190.217.145:443 |
| 2018-05-25 16:57:05 | adb046ae533afa4b61c1753b78eb1a0c | 43/66 (65.15%)
| 13.93.161.37:443 |
| 2018-05-25 14:18:26 | e3fbb1c0bcded3ad9f3f29dd85a6e95f | 26/66 (39.39%)
| 13.81.65.66:443 |
| 2018-05-25 12:00:37 | 5a4819761ceea110be9ac4c4e997d6f8 | 40/66 (60.61%)
| 13.81.65.66:443 |
| 2018-05-25 12:00:37 | 5a4819761ceea110be9ac4c4e997d6f8 | 40/66 (60.61%)
| 52.138.209.16:443 |
| 2018-05-25 12:00:37 | 5a4819761ceea110be9ac4c4e997d6f8 | 40/66 (60.61%)
| 131.253.61.82:443 |
| 2018-05-25 04:16:50 | b3d2fe81be2e5406f590701e4819c5db | 45/67 (67.16%)
| 104.40.251.63:443 |
| 2018-05-25 04:16:50 | b3d2fe81be2e5406f590701e4819c5db | 45/67 (67.16%)
| 13.81.65.66:443 |
| 2018-05-24 12:06:32 | 6af54b59f13d19dcf19a1434170d76c2 | 37/66 (56.06%)
| 13.81.65.66:443 |
| 2018-05-24 04:42:17 | b2b6d1d6fdbbc6b37946800e18663492 | 43/66 (65.15%)
| 52.138.209.16:443 |
| 2018-05-24 04:42:17 | b2b6d1d6fdbbc6b37946800e18663492 | 43/66 (65.15%)
| 13.81.65.66:443 |
| 2018-05-21 05:17:22 | f41d9ddcbeb5e5f78868348498731b3d | 33/66 (50.00%)
| 52.138.209.16:443 |
| 2018-05-21 05:17:22 | f41d9ddcbeb5e5f78868348498731b3d | 33/66 (50.00%)
| 13.81.65.66:443 |
| 2018-05-21 05:17:22 | f41d9ddcbeb5e5f78868348498731b3d | 33/66 (50.00%)
| 91.190.217.145:443 |
| 2018-05-16 23:08:09 | 51cc9cee6a4530cbb672a3977c89deec | 31/66 (46.97%)
| 13.81.65.66:443 |
| 2018-05-16 14:56:28 | ea8ebff77d2b56d29467a67f65d2d735 | 44/65 (67.69%)
| 91.190.217.145:443 |
| 2018-05-16 14:56:28 | ea8ebff77d2b56d29467a67f65d2d735 | 44/65 (67.69%)
| 13.81.65.66:443 |
| 2018-05-15 10:55:21 | a036a33fa28347cf24a3182b1f6e5cf0 | 40/66 (60.61%)
| 13.81.65.66:443 |
| 2018-05-15 05:28:11 | 3598cbc67266569b16c402025aacf626 | 25/66 (37.88%)
| 13.81.65.66:443 |
| 2018-05-15 05:28:11 | 3598cbc67266569b16c402025aacf626 | 25/66 (37.88%)
| 91.190.217.145:443 |
| 2018-05-15 05:28:11 | 3598cbc67266569b16c402025aacf626 | 25/66 (37.88%)
| 131.253.61.102:443 |
| 2018-05-06 01:12:30 | 8d7ae0b87159b343b844fef68fb9b042 | 44/67 (65.67%)
| 13.81.65.66:443 |
| 2018-05-06 01:12:30 | 8d7ae0b87159b343b844fef68fb9b042 | 44/67 (65.67%)
| 91.190.217.145:443 |
| 2018-05-05 02:34:18 | 7f1e7277f6063eeb0ea73caa4aa95ac3 | 42/67 (62.69%)
| 13.81.65.66:443 |
| 2018-05-04 12:02:53 | 64c1621a5a77bf675107b3bbed1f7baf | 40/68 (58.82%)
| 13.81.65.66:443 |
| 2018-05-02 04:14:12 | ac0653064eab82d499d9f8a341a19956 | 45/66 (68.18%)
| 52.138.209.16:443 |
| 2018-05-02 04:14:12 | ac0653064eab82d499d9f8a341a19956 | 45/66 (68.18%)
| 13.93.161.37:443 |
| 2018-04-30 06:35:28 | 4a69c53a345204da2f3705c9671137ee | 46/67 (68.66%)
| 13.81.65.66:443 |
| 2018-04-29 18:03:45 | 7784b5f654f3ecc6c41fd152acc968e5 | 45/67 (67.16%)
| 13.81.65.66:443 |
| 2018-04-29 18:03:45 | 7784b5f654f3ecc6c41fd152acc968e5 | 45/67 (67.16%)
| 91.190.217.145:443 |
| 2018-04-27 00:35:01 | 9c7363ddb3c226dbdd9cd7e28e05541b | 58/68 (85.29%)
| 13.93.161.37:443 |
| 2018-04-26 12:03:09 | 3b96c63a35813d1078c2b50b8492f40c | n/a | 13.81.65.66:443 |
# of entries: 100 (max: 100)