General
-
Target
1072-4-0x0000000000400000-0x000000000043A000-memory.dmp
-
Size
232KB
-
MD5
609687b04f3b132b648ccdc0c28a6b04
-
SHA1
e8469d0094bede50fe654d52d4e7ad979aae6345
-
SHA256
6ac780a8d99e290284b8e7cc7b299bc01af042dc2849eaaf470d6cd8228e45c0
-
SHA512
d101799a7c4a4bfe6bfc32aeda176dd77e90fb5818f36b2320095e95bc18e2506bf4d697418c2fdc8b01ca034cba187a13b1d7e0734e1e9bd58d40c3465fa813
-
SSDEEP
3072:6DVCyFxSYACXFupI6QhseTH0b5dkOExzi6EidpRi5WEqGA:6DVCynACXFupI1rTzOERidA
Score
10/10
Malware Config
Extracted
Family
tofsee
C2
vanaheim.cn
jotunheim.name
Signatures
-
Tofsee family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1072-4-0x0000000000400000-0x000000000043A000-memory.dmp
Headers
Sections