tofsee | 2338bf4fdee9ddc92e3b71d254c73a15395305c766c86745554d5dd1e4aa7cde | Triage

Sharing

General

Target

2872-3-0x0000000000400000-0x000000000043F000-memory.dmp
Size

252KB
Sample

241122-wcr4rs1kgj
MD5

3a48550a4ded2827ef2e4d3bb00f764b
SHA1

c1407faeebf9c5c27dd570e0705bf626cb127785
SHA256

2338bf4fdee9ddc92e3b71d254c73a15395305c766c86745554d5dd1e4aa7cde
SHA512

796f4ca3aee409d94eab4e21e2b31e370a32bebce706b4414be5c3a10352f274ceb5604282573a327e63cde54bded64627a1a3e7b42fbdd26bf4954792e97e94
SSDEEP

3072:6DVCyFxSYACXF0pIHq4hr7zn15ZfkTCUuhGgrBXETBS:6DVCynACXF0pIK4rfzUcGS

Score

10^/10

tofsee discovery

Malware Config

Extracted

Family

tofsee

C2

vanaheim.cn

jotunheim.name

Targets

- Target
  
  2872-3-0x0000000000400000-0x000000000043F000-memory.dmp
- Size
  
  252KB
- MD5
  
  3a48550a4ded2827ef2e4d3bb00f764b
- SHA1
  
  c1407faeebf9c5c27dd570e0705bf626cb127785
- SHA256
  
  2338bf4fdee9ddc92e3b71d254c73a15395305c766c86745554d5dd1e4aa7cde
- SHA512
  
  796f4ca3aee409d94eab4e21e2b31e370a32bebce706b4414be5c3a10352f274ceb5604282573a327e63cde54bded64627a1a3e7b42fbdd26bf4954792e97e94
- SSDEEP
  
  3072:6DVCyFxSYACXF0pIHq4hr7zn15ZfkTCUuhGgrBXETBS:6DVCynACXF0pIK4rfzUcGS
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2