General
-
Target
2972-3-0x0000000000400000-0x00000000005A7000-memory.dmp
-
Size
1.7MB
-
MD5
5da265849fde01ac8dadb29214680350
-
SHA1
537dfe04a40a92ad6193f34dea5ab72dc71df4c2
-
SHA256
503a56007e255e0e5cc776c1d9ec3e5486c671ebdedbfbf2dcecd9d4ada567ab
-
SHA512
969dab70b8693ba22b42aa5cba8a48492a6d240a99a7d26fc67ef5602fcd900d3b4f370ad5837e75e6df90a2d4b6968977775ac77df6bef2cd22bb97d7d386cd
-
SSDEEP
3072:6DVCyFxSYACXFipI8hEivkOKkriIP2CDI9G37Xu3Osr5lwI6G:6DVCynACXFipI+EivklkPP2uISjsj96
Score
10/10
Malware Config
Extracted
Family
tofsee
C2
vanaheim.cn
jotunheim.name
Signatures
-
Tofsee family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2972-3-0x0000000000400000-0x00000000005A7000-memory.dmp
Headers
Sections