JA3 Fingerprints
You can find further information about the JA3 fingerprint fd80fa9c6120cdeea8520510f3c644ac, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | fd80fa9c6120cdeea8520510f3c644ac |
|---|---|
| First seen: | 2018-03-11 09:34:30 UTC |
| Last seen: | 2020-11-25 11:26:06 UTC |
| Status: | Blacklisted |
| Malware samples: | 2'249 |
| Destination IPs: | 245 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2020-11-25 11:26:06 | d8ad7c73831bc5fcc17a891e47f93813 |  50 / 68 (73.53%)
| 104.27.167.5:443 |
| 2020-11-25 11:26:06 | d8ad7c73831bc5fcc17a891e47f93813 | 50 / 68 (73.53%)
| 172.67.136.89:443 |
| 2020-11-25 11:12:21 | d81929308a5c655550e1a744825d1d15 | n/a | 212.82.100.140:443 |
| 2020-11-25 11:12:21 | d81929308a5c655550e1a744825d1d15 | n/a | 31.13.72.36:443 |
| 2020-11-25 11:09:15 | d80fb9c68d2093a626490c8bc551cac4 | 53 / 68 (77.94%)
| 104.31.68.84:443 |
| 2020-11-25 11:04:41 | d784971f40e700c4d56f948d0160396e | 53 / 71 (74.65%)
| 212.82.100.140:443 |
| 2020-11-25 11:04:41 | d784971f40e700c4d56f948d0160396e | 53 / 71 (74.65%)
| 31.13.72.36:443 |
| 2020-11-25 10:54:44 | d775cc15f95ff18090a71677bd346409 | n/a | 172.67.219.32:443 |
| 2020-11-25 10:54:44 | d775cc15f95ff18090a71677bd346409 | n/a | 104.24.122.22:443 |
| 2020-11-25 10:52:09 | d74cc197f529ac279d385fd36e0ea5c3 | 47 / 69 (68.12%)
| 104.24.123.22:443 |
| 2020-11-25 10:52:09 | d74cc197f529ac279d385fd36e0ea5c3 | 47 / 69 (68.12%)
| 172.67.219.32:443 |
| 2020-11-25 10:50:11 | d7358921729c71733858353555fd7fc8 | 49 / 69 (71.01%)
| 172.67.219.32:443 |
| 2020-11-25 10:23:56 | d64b18cb4652309178530f6f0f12d70c | n/a | 172.67.219.32:443 |
| 2020-11-25 10:01:06 | cf5166bf0247262a7852eecf46a47ecb | 55 / 72 (76.39%)
| 31.13.72.36:443 |
| 2020-11-25 10:01:06 | cf5166bf0247262a7852eecf46a47ecb | 55 / 72 (76.39%)
| 212.82.100.140:443 |
| 2020-11-25 09:47:07 | cf0457c2990075d04ae85e62dc1c06ed | 58 / 71 (81.69%)
| 212.82.100.140:443 |
| 2020-11-25 09:47:06 | cf0457c2990075d04ae85e62dc1c06ed | 58 / 71 (81.69%)
| 31.13.72.36:443 |
| 2020-11-25 09:41:54 | d224d1218bd66fd1c6eebaddb9599c63 | 29 / 69 (42.03%)
| 104.24.122.22:443 |
| 2020-11-25 09:41:54 | d224d1218bd66fd1c6eebaddb9599c63 | 29 / 69 (42.03%)
| 172.67.219.32:443 |
| 2020-11-25 08:23:11 | c6a04f650e41267d319e90c413933afb | 38 / 61 (62.30%)
| 104.24.122.22:443 |
| 2020-11-25 08:23:11 | c6a04f650e41267d319e90c413933afb | 38 / 61 (62.30%)
| 172.67.219.32:443 |
| 2020-11-25 07:44:36 | c00f0caac51db26ed3b24659c0a81e75 | 52 / 70 (74.29%)
| 172.67.219.32:443 |
| 2020-11-25 06:23:48 | b12a03841e31e2e3f6997277f7b35f72 | n/a | 104.28.14.61:443 |
| 2020-11-25 06:23:48 | b12a03841e31e2e3f6997277f7b35f72 | n/a | 104.28.15.61:443 |
| 2020-11-25 03:39:25 | aae32373dadf34f5e583ecd5f06cf9e6 | 46 / 70 (65.71%)
| 104.28.14.61:443 |
| 2020-11-25 03:39:25 | aae32373dadf34f5e583ecd5f06cf9e6 | 46 / 70 (65.71%)
| 104.28.15.61:443 |
| 2020-11-25 01:16:26 | a722d84fdcb05ab517fb96c7aef319af | 56 / 70 (80.00%)
| 104.31.68.84:443 |
| 2020-11-25 01:16:26 | a722d84fdcb05ab517fb96c7aef319af | 56 / 70 (80.00%)
| 172.67.205.170:443 |
| 2020-11-25 01:12:36 | a6fffc6eb460ad9307b375579f8b2450 | 51 / 69 (73.91%)
| 172.67.131.206:443 |
| 2020-11-25 01:12:36 | a6fffc6eb460ad9307b375579f8b2450 | 51 / 69 (73.91%)
| 104.28.15.61:443 |
| 2020-11-25 00:41:50 | a3f81a5a916e27b5eed6a2903a5b7532 | 49 / 71 (69.01%)
| 74.6.160.138:443 |
| 2020-11-25 00:41:50 | a3f81a5a916e27b5eed6a2903a5b7532 | 49 / 71 (69.01%)
| 45.60.53.141:443 |
| 2020-11-24 23:33:21 | a0b1da0c6f96cdaa20dd3e802089bbc3 | 45 / 70 (64.29%)
| 104.28.15.61:443 |
| 2020-11-24 23:33:21 | a0b1da0c6f96cdaa20dd3e802089bbc3 | 45 / 70 (64.29%)
| 172.67.131.206:443 |
| 2020-11-24 23:05:58 | 94d81036179b84a17e86bd0bd0179b8b | 44 / 69 (63.77%)
| 172.64.100.5:443 |
| 2020-11-24 23:05:10 | 912cd9764ec0dac383267c73163147d8 | n/a | 172.64.100.5:443 |
| 2020-11-24 23:01:23 | 8b2d6c95d4115c635d1a8a2bca075d34 | n/a | 172.64.101.5:443 |
| 2020-11-24 23:01:23 | 8b2d6c95d4115c635d1a8a2bca075d34 | n/a | 172.64.100.5:443 |
| 2020-11-24 22:41:28 | 7639dca2807d0b0678669ae0dd20b4d4 | 50 / 72 (69.44%)
| 212.82.100.140:443 |
| 2020-11-24 22:34:43 | 71953ecfe06140c14aaac297dfa52644 | 45 / 69 (65.22%)
| 172.64.101.5:443 |
| 2020-11-24 21:45:54 | 46900e718d7abb61de6059c443f7c432 | 18 / 71 (25.35%)
| 172.64.101.5:443 |
| 2020-11-24 21:39:14 | 3f0ce49bbe596372fa2d5ddc21f62848 | n/a | 104.31.68.84:443 |
| 2020-11-24 21:39:14 | 3f0ce49bbe596372fa2d5ddc21f62848 | n/a | 104.31.69.84:443 |
| 2020-11-24 21:25:40 | 26bc614a7c49f748771ced3ff6642232 | 51 / 71 (71.83%)
| 212.82.100.140:443 |
| 2020-11-24 21:18:33 | 271994abb14675c7a67c7854a884d2bd | 43 / 70 (61.43%)
| 172.64.101.5:443 |
| 2020-11-24 21:18:33 | 271994abb14675c7a67c7854a884d2bd | 43 / 70 (61.43%)
| 172.64.100.5:443 |
| 2020-11-24 21:13:23 | 02837fa2fa5ed064ba1d9a9e52f1ec2e | n/a | 172.64.100.5:443 |
| 2020-11-24 21:13:23 | 02837fa2fa5ed064ba1d9a9e52f1ec2e | n/a | 172.64.101.5:443 |
| 2020-11-24 21:11:26 | 1589333122c6e578080f65391807eaa2 | n/a | 172.67.205.170:443 |
| 2020-11-24 21:11:26 | 1589333122c6e578080f65391807eaa2 | n/a | 104.31.69.84:443 |
| 2020-11-24 21:01:31 | 2100cc4a8465ec536c9a42dcb5ef3344 | 50 / 72 (69.44%)
| 212.82.100.140:443 |
| 2020-11-24 21:01:31 | 2100cc4a8465ec536c9a42dcb5ef3344 | 50 / 72 (69.44%)
| 31.13.72.36:443 |
| 2020-11-24 21:01:30 | 2100cc4a8465ec536c9a42dcb5ef3344 | 50 / 72 (69.44%)
| 157.240.194.35:443 |
| 2020-11-24 20:51:12 | 1cb142cd2a85eff063ea413ca5332ff9 | n/a | 212.82.100.140:443 |
| 2020-11-24 20:47:46 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 212.82.100.140:443 |
| 2020-11-24 20:47:42 | b0a256a4ac3afc1c9175603dd8aa42da | 40 / 72 (55.56%)
| 31.13.72.36:443 |
| 2020-11-24 20:46:04 | 0d1c0e17b29f0c414d71c3bd84ac47e8 | 48 / 70 (68.57%)
| 172.64.100.5:443 |
| 2020-11-24 20:45:16 | 129a483b0ecba4ea903a9cd69cabbbe7 | 51 / 71 (71.83%)
| 104.28.14.61:443 |
| 2020-11-24 20:45:16 | 129a483b0ecba4ea903a9cd69cabbbe7 | 51 / 71 (71.83%)
| 172.67.131.206:443 |
| 2020-11-24 19:09:03 | b41c1ed086a17f485c703763507867c8 | 41 / 72 (56.94%)
| 172.67.205.170:443 |
| 2020-11-24 19:09:02 | b41c1ed086a17f485c703763507867c8 | 41 / 72 (56.94%)
| 104.31.68.84:443 |
| 2020-11-23 21:35:55 | 6f0bb0ef5eb6e94c0e501f29444af877 | n/a | 104.28.14.61:443 |
| 2020-11-23 21:35:55 | 6f0bb0ef5eb6e94c0e501f29444af877 | n/a | 172.67.131.206:443 |
| 2020-11-23 21:12:53 | 5e799574662a6df3611b9200336c388c | 49 / 72 (68.06%)
| 172.64.197.15:443 |
| 2020-11-23 20:56:39 | 53b9c1165e7737448271a22d0089dc13 | 44 / 70 (62.86%)
| 172.64.196.15:443 |
| 2020-11-23 20:56:39 | 53b9c1165e7737448271a22d0089dc13 | 44 / 70 (62.86%)
| 172.64.197.15:443 |
| 2020-11-23 20:08:31 | 03003e0a32d48983e839a58c47ae3317 | 43 / 72 (59.72%)
| 172.64.196.15:443 |
| 2020-11-23 20:08:30 | 03003e0a32d48983e839a58c47ae3317 | 43 / 72 (59.72%)
| 172.64.197.15:443 |
| 2020-11-23 20:01:09 | 04c1b7ca98690f8dcd3ee047f6803364 | n/a | 172.64.196.15:443 |
| 2020-11-23 16:09:25 | a8f9b750911e0bb1098b0ccfb610c2f0 | 40 / 72 (55.56%)
| 104.28.5.155:443 |
| 2020-11-23 16:02:54 | a8b4fa4c274ec6d5572d1138b3c9a99e | n/a | 104.28.15.61:443 |
| 2020-11-23 04:11:04 | a2c03178d5c9f88ad8752bfb69b6c1ab | n/a | 104.24.123.22:443 |
| 2020-11-23 02:56:11 | 9d995b94ddaa01a9d1bd1fc5bc0e3c6b | 58 / 72 (80.56%)
| 104.24.122.22:443 |
| 2020-11-23 02:51:58 | 9cb05a28ad49accdf8641a22ff088ea3 | n/a | 104.28.14.61:443 |
| 2020-11-23 02:51:58 | 9cb05a28ad49accdf8641a22ff088ea3 | n/a | 172.67.205.170:443 |
| 2020-11-23 02:51:58 | 9cb05a28ad49accdf8641a22ff088ea3 | n/a | 172.67.131.206:443 |
| 2020-11-23 02:38:38 | 998da825df582fcfbb2c67cfd1a63bbc | n/a | 172.67.219.32:443 |
| 2020-11-23 02:33:11 | 96f21229be085c87414a53b1f17b9e81 | n/a | 104.28.5.155:443 |
| 2020-11-23 01:38:43 | 83a160a453695f9b31a9347dddde04d0 | 54 / 71 (76.06%)
| 104.24.122.22:443 |
| 2020-11-23 01:38:43 | 83a160a453695f9b31a9347dddde04d0 | 54 / 71 (76.06%)
| 104.24.123.22:443 |
| 2020-11-23 01:25:07 | 7edc0abf255f451d2e6e127d80af8570 | 46 / 71 (64.79%)
| 172.67.219.32:443 |
| 2020-11-23 01:25:06 | 7edc0abf255f451d2e6e127d80af8570 | 46 / 71 (64.79%)
| 104.24.123.22:443 |
| 2020-11-23 01:07:47 | 779e04568981034b44a2962845893899 | n/a | 104.24.122.22:443 |
| 2020-11-23 01:07:47 | 779e04568981034b44a2962845893899 | n/a | 104.24.123.22:443 |
| 2020-11-23 00:32:24 | 689ea43e499b80bf9483f0975d4f9c15 | 28 / 69 (40.58%)
| 172.67.219.32:443 |
| 2020-11-23 00:32:24 | 689ea43e499b80bf9483f0975d4f9c15 | 28 / 69 (40.58%)
| 104.24.122.22:443 |
| 2020-11-23 00:30:32 | 6906d8078921210e20092a4fec1fd9e2 | n/a | 104.24.123.22:443 |
| 2020-11-23 00:30:32 | 6906d8078921210e20092a4fec1fd9e2 | n/a | 172.67.219.32:443 |
| 2020-11-23 00:20:32 | 6546e9c4c877ec5c9bfd7d59da578069 | n/a | 104.28.14.61:443 |
| 2020-11-22 22:57:49 | 459f9f48b1b46148232ab92b5371e3d3 | n/a | 104.24.122.22:443 |
| 2020-11-22 21:48:13 | 381aabb877ba8aaee6a59d107814344c | 51 / 70 (72.86%)
| 172.67.219.32:443 |
| 2020-11-22 21:48:13 | 381aabb877ba8aaee6a59d107814344c | 51 / 70 (72.86%)
| 104.24.122.22:443 |
| 2020-11-22 20:18:27 | 0dac04f4c57835525d31464bd3d58309 | n/a | 104.24.122.22:443 |
| 2020-11-22 20:18:27 | 0dac04f4c57835525d31464bd3d58309 | n/a | 172.67.219.32:443 |
| 2020-11-22 20:08:50 | 080f2b61cdf8d14f68ee7934d0bb0402 | 41 / 69 (59.42%)
| 104.24.123.22:443 |
| 2020-11-22 20:08:50 | 080f2b61cdf8d14f68ee7934d0bb0402 | 41 / 69 (59.42%)
| 172.67.219.32:443 |
| 2020-11-22 19:44:27 | 3434ea8c47a22cf4b59f550317579c6e | 35 / 62 (56.45%)
| 172.64.196.15:443 |
| 2020-11-22 19:44:27 | 3434ea8c47a22cf4b59f550317579c6e | 35 / 62 (56.45%)
| 172.64.197.15:443 |
| 2020-11-22 19:35:28 | 1fd7bf848f2650593d6ce75e64a69566 | 55 / 71 (77.46%)
| 104.31.69.84:443 |
| 2020-11-22 18:10:32 | c6d6a346ac3fe9a0d27b3346b4422ea6 | 46 / 72 (63.89%)
| 104.24.123.22:443 |
# of entries: 100 (max: 100)