JA3 Fingerprints
You can find further information about the JA3 fingerprint fd80fa9c6120cdeea8520510f3c644ac, including the corresponding malware samples as well as the associated botnet C&Cs.
Database Entry
| JA3 Fingerprint: | fd80fa9c6120cdeea8520510f3c644ac |
|---|---|
| First seen: | 2018-03-11 09:34:30 UTC |
| Last seen: | 2019-09-10 10:00:50 UTC |
| Status: | Blacklisted |
| Malware samples: | 439 |
| Destination IPs: | 56 |
| Malware: | Tofsee  |
| Listing date: | 2018-11-14 00:00:00 |
Malware Samples
The table below documents all malware samples associated with this JA3 Fingerprint.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Botnet C&C (IP:port) |
|---|---|---|---|
| 2019-09-10 10:00:50 | bf38ec6f5357a6416f57fa1690e9852d |  40 / 68 (58.82%)
| 104.27.187.184:443 |
| 2019-09-09 03:29:40 | d3e0dc2a11169395a1398ba55d2b848c | 41 / 70 (58.57%)
| 104.27.187.184:443 |
| 2019-09-08 18:14:30 | 0fc42aa441bb0f290954fc0fd119572d | n/a | 104.27.186.184:443 |
| 2019-09-08 17:37:46 | fe0e3d96233287f05b0d97e5069020aa | 28 / 70 (40.00%)
| 104.27.186.184:443 |
| 2019-08-29 04:59:59 | 742ccf084a1a6afc151d354e23b4be71 | 32 / 70 (45.71%)
| 104.27.187.184:443 |
| 2019-08-26 16:32:38 | 8658c32ac62efb9cab3b6208ace9fd62 | n/a | 87.240.129.135:443 |
| 2019-08-26 16:24:47 | 4cb964234a61935f587a19ce03ee5f4a | n/a | 87.240.129.135:443 |
| 2019-08-26 14:24:26 | 660da2beb2dfa7abf64a03cb84216221 | n/a | 87.240.129.181:443 |
| 2019-08-26 13:55:51 | 134137e7e564e7e325bbcfb66f2e8875 | n/a | 87.240.129.181:443 |
| 2019-08-26 13:15:05 | efcfdd799f6125c7d8e5967a70cbadce | n/a | 87.240.129.135:443 |
| 2019-08-26 06:38:38 | bd0ac6088b3d592aac40a27ef519aecf | n/a | 87.240.129.181:443 |
| 2019-08-26 05:54:26 | 44bed7131090fe4f2e21b743bda1d91e | n/a | 87.240.129.181:443 |
| 2019-08-26 05:25:31 | fba59b27a3145edfaa4061fb199d29a7 | n/a | 87.240.129.135:443 |
| 2019-08-26 02:49:13 | 3c3581f01efb28d7f1e71afb2d29aed9 | n/a | 87.240.129.181:443 |
| 2019-08-26 02:40:49 | 7a25b766f65b2e4eaf5519831f09189d | n/a | 87.240.129.135:443 |
| 2019-08-26 01:56:34 | 3e1fda8c9192a19980cb75ca6bbc7ccc | n/a | 87.240.129.181:443 |
| 2019-08-26 00:04:30 | 3b575ae43b1cb11501549ab2fdc85679 | n/a | 87.240.129.135:443 |
| 2019-08-25 23:42:52 | 48c046e036adcc3a7fe3ba9fd6d4ac9d | n/a | 87.240.129.135:443 |
| 2019-08-25 20:35:19 | 3c60da03b94b10eafa33ddd2b97ea387 | n/a | 87.240.129.135:443 |
| 2019-08-25 20:35:07 | f2cdf19b478c5de457f7bab9f4fc2e1b | n/a | 87.240.129.181:443 |
| 2019-08-25 20:19:02 | b28d044c0d84107c1ec85224c4e98f92 | n/a | 87.240.129.181:443 |
| 2019-08-24 04:15:33 | f7575ef1f1475f559f36f90d1626c49c | 62 / 68 (91.18%)
| 104.27.187.184:443 |
| 2019-08-22 20:16:54 | 6d978c8c98bd9e132cbc77adca4eb515 | 28 / 71 (39.44%)
| 104.27.186.184:443 |
| 2019-08-17 09:20:25 | 8b5c0bfc0778fd48ad844093c78cf0c2 | 29 / 66 (43.94%)
| 104.27.186.184:443 |
| 2019-08-16 09:10:32 | 0f9ee3afa0672dcb4f7f01027afe8133 | 31 / 66 (46.97%)
| 104.27.187.184:443 |
| 2019-08-16 09:10:32 | 0f9ee3afa0672dcb4f7f01027afe8133 | 31 / 66 (46.97%)
| 104.27.186.184:443 |
| 2019-08-10 13:43:35 | 364913d5f7db89de1fd4c84001ce210d | 22 / 66 (33.33%)
| 104.27.186.184:443 |
| 2019-08-10 13:43:35 | 364913d5f7db89de1fd4c84001ce210d | 22 / 66 (33.33%)
| 104.27.187.184:443 |
| 2019-08-10 01:23:03 | 1adf2d851a29e28788ea3ac234cad419 | 27 / 67 (40.30%)
| 104.27.186.184:443 |
| 2019-08-05 12:50:04 | b9cc10433add686ccae488692b4c2473 | 24 / 68 (35.29%)
| 104.27.187.184:443 |
| 2019-07-30 04:01:54 | 121d2825eacdef780dc38eaadbc09261 | 59 / 69 (85.51%)
| 104.27.187.184:443 |
| 2019-07-09 17:28:32 | bd88dc6d2fedec6468452602a9da1ab8 | n/a | 54.174.88.98:443 |
| 2019-05-19 03:23:04 | 6b3656c5adf8f094f252455982c7f546 | 42/73 (57.53%)
| 35.186.213.138:443 |
| 2019-04-03 08:29:10 | 296e6142d96056408775066fa1d1610f | n/a | 104.27.168.6:443 |
| 2019-04-03 07:04:58 | f39205cd04903935e3463cc5463e4074 | n/a | 104.27.169.6:443 |
| 2019-02-12 17:41:33 | 2ca992d43dc292368b9b37ce9e9cb032 | 40/71 (56.34%)
| 104.18.46.159:443 |
| 2018-11-29 13:40:25 | ebbc767e8d1540a8614e05da97a398f7 | 33/70 (47.14%)
| 104.20.208.21:443 |
| 2018-11-22 16:18:20 | a3f0d4f18f1b20f8931f07a2658edcf7 | 34/67 (50.75%)
| 104.36.193.133:443 |
| 2018-11-22 16:18:17 | a3f0d4f18f1b20f8931f07a2658edcf7 | 34/67 (50.75%)
| 104.36.192.249:443 |
| 2018-11-20 23:29:14 | 83a40a0417d7bc1addec11945d4f4acb | 36/65 (55.38%)
| 104.36.192.191:443 |
| 2018-11-20 23:29:13 | 83a40a0417d7bc1addec11945d4f4acb | 36/65 (55.38%)
| 104.36.192.215:443 |
| 2018-11-20 05:30:33 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.221:443 |
| 2018-11-20 05:30:30 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.225:443 |
| 2018-11-20 05:30:30 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.195.139:443 |
| 2018-11-20 05:30:28 | be5155baf905961fbff0caf07902ce62 | 27/66 (40.91%)
| 104.36.194.138:443 |
| 2018-11-18 09:28:47 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.194.202:443 |
| 2018-11-18 09:28:45 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.192.246:443 |
| 2018-11-18 09:28:44 | 7fd59b6093f5554080de55353270554c | 43/68 (63.24%)
| 104.36.194.173:443 |
| 2018-08-02 06:13:15 | 746eb72fe4d5096d836aefce59d06590 | 38/68 (55.88%)
| 159.53.224.16:443 |
| 2018-07-29 18:56:24 | d040f181a80d68fa1c4f743f8982a0de | 28/68 (41.18%)
| 159.53.224.16:443 |
| 2018-07-28 01:26:02 | 3c5fbdb5a263876d9482d1c4adc5d204 | 12/68 (17.65%)
| 159.53.85.79:443 |
| 2018-07-28 01:26:02 | 3c5fbdb5a263876d9482d1c4adc5d204 | 12/68 (17.65%)
| 159.53.113.224:443 |
| 2018-07-24 01:04:58 | bb1ef3cfc6ed06a5467abb5ab0543566 | 29/67 (43.28%)
| 159.53.224.16:443 |
| 2018-07-20 19:40:27 | 97eb18c3777a68e1bb5306391669f27f | 43/68 (63.24%)
| 159.53.224.16:443 |
| 2018-06-28 00:12:39 | 735300e6d74aee8cd4645a72a8310e63 | 15/69 (21.74%)
| 13.81.65.66:443 |
| 2018-06-14 16:48:31 | 533d2f82043f73c0def377ebc2240b8e | 42/68 (61.76%)
| 13.81.65.66:443 |
| 2018-06-13 00:36:09 | 78a8905672e1ce08e0bde783701837c7 | 20/66 (30.30%)
| 13.93.161.37:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 13.81.65.66:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.98:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.102:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 2.16.124.231:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.84.131:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.62.96:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 91.190.217.145:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.64:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.82:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.100:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 104.20.15.146:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 52.138.209.16:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.66:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 104.20.14.146:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 185.89.12.132:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 131.253.61.96:443 |
| 2018-06-07 15:08:04 | e4dc03171de9820704f39c606a41bc16 | 35/68 (51.47%)
| 159.53.52.227:443 |
| 2018-06-03 16:30:09 | 5b922aaac0ee75c06fb8ec3c7498296b | 13/65 (20.00%)
| 13.81.65.66:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 13.81.65.66:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 91.190.217.145:443 |
| 2018-06-03 10:28:50 | bb6bbbb072f6ec4e91f4d0426c7c91c9 | 31/66 (46.97%)
| 131.253.61.96:443 |
| 2018-06-03 09:46:18 | d6651dfa3f02270bc93cc3c1f6918d17 | 18/66 (27.27%)
| 13.81.65.66:443 |
| 2018-06-03 09:44:16 | a0d0807e8f6e34b7c262652dcb626138 | 13/66 (19.70%)
| 13.81.65.66:443 |
| 2018-06-03 02:18:07 | 0a6d5427970d2a9ac51dcace66cb56a2 | 22/66 (33.33%)
| 13.93.161.37:443 |
| 2018-06-01 20:03:00 | 7ec3ad772c87bd04c113459469c75f6f | 45/67 (67.16%)
| 13.81.65.66:443 |
| 2018-05-31 20:24:44 | c107290225c7a938b78fb6c9b9cf6b96 | 40/67 (59.70%)
| 13.81.65.66:443 |
| 2018-05-31 16:16:57 | 4419de9cd68502b91acb38214ea4e411 | 35/66 (53.03%)
| 13.93.161.37:443 |
| 2018-05-30 20:14:45 | c8e5a6f0366801b54f4db6b15929222e | 13/65 (20.00%)
| 13.81.65.66:443 |
| 2018-05-30 04:55:18 | ee18fade361542966b4691f15fa528d7 | 43/66 (65.15%)
| 91.190.217.145:443 |
| 2018-05-30 04:55:18 | ee18fade361542966b4691f15fa528d7 | 43/66 (65.15%)
| 13.81.65.66:443 |
| 2018-05-29 23:01:50 | 59b8b09e8def0644b0c03c394796c4b4 | 28/64 (43.75%)
| 13.81.65.66:443 |
| 2018-05-29 07:13:39 | ec5594f16d9f4eef0688e974db48b515 | 42/64 (65.62%)
| 13.81.65.66:443 |
| 2018-05-29 07:13:39 | ec5594f16d9f4eef0688e974db48b515 | 42/64 (65.62%)
| 91.190.217.145:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 91.190.217.145:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 131.253.61.66:443 |
| 2018-05-29 03:18:08 | 66862bfce12c9070427de52a91712c69 | 8/66 (12.12%)
| 131.253.61.98:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 104.20.14.146:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 185.89.12.132:443 |
| 2018-05-28 17:31:37 | 6d8371cd42322e64cd99141cc8f3e1d9 | 31/66 (46.97%)
| 13.81.65.66:443 |
| 2018-05-28 07:57:46 | c4e43db8e4974f53ed12418727323904 | 20/66 (30.30%)
| 52.138.209.16:443 |
| 2018-05-27 16:49:29 | 776195c2c1b308a058b81eceed594120 | 48/66 (72.73%)
| 13.81.65.66:443 |
| 2018-05-27 16:49:29 | 776195c2c1b308a058b81eceed594120 | 48/66 (72.73%)
| 52.138.209.16:443 |
| 2018-05-26 17:51:00 | 6fefeca48f284c1611265187b1c0436e | 30/66 (45.45%)
| 13.81.65.66:443 |
# of entries: 100 (max: 100)