General
-
Target
1512-4-0x0000000000400000-0x000000000043E000-memory.dmp
-
Size
248KB
-
MD5
d532879342df6f91a9d0761383600b99
-
SHA1
3ff18abb1477cd21667f0064730a87cee265a1d9
-
SHA256
d519535543cb66e2880119092447b1b3b9b9c8772ab5ce30d34068aee3403b58
-
SHA512
ffb33022ab2c24adab09257eca3881c4a8a92615ca008eaccafd3480d51dc0907a1c54cc3860d37129570e056be62b685dd8388539cc671f76e9fd5d668ce138
-
SSDEEP
3072:6DVCyFxSYACXFYpI+0Ns1KMnwFlscekf3O2D+sYc+PhfRvtVae:6DVCynACXFYpIhTlsclz+PrTf
Score
10/10
Malware Config
Extracted
Family
tofsee
C2
vanaheim.cn
jotunheim.name
Signatures
-
Tofsee family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1512-4-0x0000000000400000-0x000000000043E000-memory.dmp
Headers
Sections