tofsee | c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78 | Triage

Submit
Reports

Overview

overview

Static

static

3

c2d94e9579...78.exe

windows10-2004-x64

Sharing

General

Target

c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78
Size

4.8MB
Sample

250103-qt3c6szjak
MD5

c3c762bdf1f673328017ec983249e09e
SHA1

64dc43657c00deb05ad6af004e413b5f79b045a6
SHA256

c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78
SHA512

7bc0addbea5a3616cf8ed9886c49719d60b2d04e8c9406a1c1f3b382cc3fa4f980882533509fbd98d15ca76735922e56d54762e3402cefbd185721ef5048b8e2
SSDEEP

98304:kK/ZoaObB9IEBiDvXCh3YKxugzUHU9Mrfmr8hYE7j+RJ5HHuQB:P/usEBKeHNN1IvjaJ5HHuS

Score

10^/10

tofsee discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78.exe

Resource

win10v2004-20241007-en

tofsee discovery trojan

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Extracted

Family

tofsee

C2

vanaheim.cn

jotunheim.name

Targets

- Target
  
  c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78
- Size
  
  4.8MB
- MD5
  
  c3c762bdf1f673328017ec983249e09e
- SHA1
  
  64dc43657c00deb05ad6af004e413b5f79b045a6
- SHA256
  
  c2d94e9579a169f3ccc2003ffb38e69d4c1471f6c24b199adeeb3d88d15c5f78
- SHA512
  
  7bc0addbea5a3616cf8ed9886c49719d60b2d04e8c9406a1c1f3b382cc3fa4f980882533509fbd98d15ca76735922e56d54762e3402cefbd185721ef5048b8e2
- SSDEEP
  
  98304:kK/ZoaObB9IEBiDvXCh3YKxugzUHU9Mrfmr8hYE7j+RJ5HHuQB:P/usEBKeHNN1IvjaJ5HHuS
Score

10^/10

tofsee discovery trojan
- Tofsee
  Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
  trojan tofsee
- Tofsee family
  tofsee
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tofseediscoverytrojan

© 2018-2025

Terms | Privacy