General

  • Target: 1536-4-0x0000000000400000-0x0000000000438000-memory.dmp
  • Size: 224KB
  • MD5: 782077008f073e6e54e11a7a59bc2282
  • SHA1: 1213497c940c4119fc0c32158a3ad9f882492b7e
  • SHA256: 43daddb90090d2c4982c81941e52c87b4bd44652741e167f11c6a484df044043
  • SHA512: 0cee32b38fd7503f5afde47955798deb389e715eda612b3bbbe64334e4e779a5aed5603a951cb8dcf6c1ac6acaaefaf4bd2b4e7fd2de7045c4819551462ff2c7
  • SSDEEP: 3072:6DVCyFxSYACXFWpIDHYK1K2LS1G2B+vioyUSdUuD5yBNcRr3XJ+cmH:6DVCynACXFWpITS1TB+PSH9kco

Score
10/10

Malware Config

Extracted

  • Family: tofsee
  • C2:
    vanaheim.cn
    jotunheim.name

Signatures

  • Tofsee family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • 1536-4-0x0000000000400000-0x0000000000438000-memory.dmp
    .exe windows:5 windows x86 arch:x86