Tofsee malware has been around since 2016. It is used for sending spam messages, conducting click fraud, mining crypto-currency etc. When executed, the malware is capable of making changes to the settings on affected systems and exfiltrating information. It can track users online activities, steal personal information and credentials, and changing browser and DNS settings. Tofsee can be distributed via email as attachments or by bundling it with other programs.
Indicators of compromise are given below.
Malware Hash (MD5/SHA1/SH256)