General

  • Target

    2196-2-0x0000000000400000-0x00000000005A8000-memory.dmp

  • Size

    1.7MB

  • MD5

    979a671539ed00270efc2709746963d0

  • SHA1

    c1a4bcf11811fd591da6aa74ccc1a30a95cde7c8

  • SHA256

    75c5ad399955afe94859dc07f977e30c93a3968885c2abcc6ce58344ada7a657

  • SHA512

    b31414a72b2df8590a4189e192d55b2973a4467aa62ecd0b1e53f45756deb7cfe3a02bba7fc3ecb8bab1d3cd120752c438af6683732bc8580cca5580cf4dfa09

  • SSDEEP

    3072:6DVCyFxSYACXFZpIwFQTdd80wrQqH98Who5t:6DVCynACXFZpImYGy

Score
10/10

Malware Config

Extracted

Family

tofsee

C2

vanaheim.cn

jotunheim.name

Signatures

  • Tofsee family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2196-2-0x0000000000400000-0x00000000005A8000-memory.dmp
    .exe windows:5 windows x86

