Overview (overview): 9/10
Static (static): 7/10
TGX V4 - v...ll.dll (windows7-x64): 1/10
TGX V4 - v...ll.dll (windows10-2004-x64): 1/10
TGX V4 - v...PC.dll (windows7-x64): 3/10
TGX V4 - v...PC.dll (windows10-2004-x64): 3/10
TGX V4 - v...on.dll (windows7-x64): 9/10
TGX V4 - v...on.dll (windows10-2004-x64): 9/10
TGX V4 - v...on.dll (windows7-x64): 1/10
TGX V4 - v...on.dll (windows10-2004-x64): 3/10
TGX V4 - v...it.dll (windows7-x64): 1/10
TGX V4 - v...it.dll (windows10-2004-x64): 1/10
TGX V4 - v...on.dll (windows7-x64): 1/10
TGX V4 - v...on.dll (windows10-2004-x64): 1/10
TGX V4 - v...3.0.js (windows7-x64): 1/10
TGX V4 - v...3.0.js (windows10-2004-x64): 1/10
TGX V4 - v...bot.js (windows7-x64): 1/10
TGX V4 - v...bot.js (windows10-2004-x64): 1/10
TGX V4 - v...bot.js (windows7-x64): 1/10
TGX V4 - v...bot.js (windows10-2004-x64): 1/10
TGX V4 - v... v2.js (windows7-x64): 1/10
TGX V4 - v... v2.js (windows10-2004-x64): 1/10
TGX V4 - v...rer.js (windows7-x64): 1/10
TGX V4 - v...rer.js (windows10-2004-x64): 1/10
TGX V4 - v...y 2.js (windows7-x64): 1/10
TGX V4 - v...y 2.js (windows10-2004-x64): 1/10
TGX V4 - v... V3.js (windows7-x64): 1/10
TGX V4 - v... V3.js (windows10-2004-x64): 1/10
TGX V4 - v...on.dll (windows7-x64): 1/10
TGX V4 - v...on.dll (windows10-2004-x64): 1/10
TGX V4 - v...GX.exe (windows7-x64): 6/10
TGX V4 - v...GX.exe (windows10-2004-x64): 8/10
TGX V4 - v...PI.dll (windows7-x64): 1/10
TGX V4 - v...PI.dll (windows10-2004-x64): 1/10
General
-
Target
TGX_V4_-_v1.0.1.zip
-
Size
33MB
-
Sample
230326-1vct1sab73
-
MD5
e99af3db67b00b0ea2294d6f6203ce6c
-
SHA1
4fc97df814e0618fb2e67ffe4b6b52aa83adba60
-
SHA256
029a99cedf1bcb08fd5def931d0b3ba4eb075cd79870cca47e26041e358841fe
-
SHA512
349049104564986ead6878811fe36c8a6cfa86638c101a5e694df579f528494b4e7d2e2df090989e750d6abf6cfc92850bf20b0f832353adab7b8e2884f89933
-
SSDEEP
786432:u/J45nBinc2HAAL7cevxiSpyN0dqbjYchNFHp4XYpCUIqmL65ot6292Qu:u/J45nBs17v7OY2ZpgYFIqzN292z
Behavioral task
behavioral1
Sample
TGX V4 - v1.0.1/Cake.Powershell.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
TGX V4 - v1.0.1/Cake.Powershell.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
TGX V4 - v1.0.1/DiscordRPC.dll
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
TGX V4 - v1.0.1/DiscordRPC.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
TGX V4 - v1.0.1/Electron.dll
Resource
win7-20230220-en
Behavioral task
behavioral6
Sample
TGX V4 - v1.0.1/Electron.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
TGX V4 - v1.0.1/Evon.dll
Resource
win7-20230220-en
Behavioral task
behavioral8
Sample
TGX V4 - v1.0.1/Evon.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral9
Sample
TGX V4 - v1.0.1/ICSharpCode.AvalonEdit.dll
Resource
win7-20230220-en
Behavioral task
behavioral10
Sample
TGX V4 - v1.0.1/ICSharpCode.AvalonEdit.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral11
Sample
TGX V4 - v1.0.1/Newtonsoft.Json.dll
Resource
win7-20230220-en
Behavioral task
behavioral12
Sample
TGX V4 - v1.0.1/Newtonsoft.Json.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral13
Sample
TGX V4 - v1.0.1/Scripts/Aimbot 3.0.js
Resource
win7-20230220-en
Behavioral task
behavioral14
Sample
TGX V4 - v1.0.1/Scripts/Aimbot 3.0.js
Resource
win10v2004-20230221-en
Behavioral task
behavioral15
Sample
TGX V4 - v1.0.1/Scripts/Aimbot.js
Resource
win7-20230220-en
Behavioral task
behavioral16
Sample
TGX V4 - v1.0.1/Scripts/Aimbot.js
Resource
win10v2004-20230220-en
Behavioral task
behavioral17
Sample
TGX V4 - v1.0.1/Scripts/CC Aimbot.js
Resource
win7-20230220-en
Behavioral task
behavioral18
Sample
TGX V4 - v1.0.1/Scripts/CC Aimbot.js
Resource
win10v2004-20230221-en
Behavioral task
behavioral19
Sample
TGX V4 - v1.0.1/Scripts/Dex Explorer v2.js
Resource
win7-20230220-en
Behavioral task
behavioral20
Sample
TGX V4 - v1.0.1/Scripts/Dex Explorer v2.js
Resource
win10v2004-20230220-en
Behavioral task
behavioral21
Sample
TGX V4 - v1.0.1/Scripts/Dex Explorer.js
Resource
win7-20230220-en
Behavioral task
behavioral22
Sample
TGX V4 - v1.0.1/Scripts/Dex Explorer.js
Resource
win10v2004-20230220-en
Behavioral task
behavioral23
Sample
TGX V4 - v1.0.1/Scripts/Mad City 2.js
Resource
win7-20230220-en
Behavioral task
behavioral24
Sample
TGX V4 - v1.0.1/Scripts/Mad City 2.js
Resource
win10v2004-20230220-en
Behavioral task
behavioral25
Sample
TGX V4 - v1.0.1/Scripts/TopKek V3.js
Resource
win7-20230220-en
Behavioral task
behavioral26
Sample
TGX V4 - v1.0.1/Scripts/TopKek V3.js
Resource
win10v2004-20230220-en
Behavioral task
behavioral27
Sample
TGX V4 - v1.0.1/System.Management.Automation.dll
Resource
win7-20230220-en
Behavioral task
behavioral28
Sample
TGX V4 - v1.0.1/System.Management.Automation.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral29
Sample
TGX V4 - v1.0.1/TGX.exe
Resource
win7-20230220-en
Behavioral task
behavioral30
Sample
TGX V4 - v1.0.1/TGX.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral31
Sample
TGX V4 - v1.0.1/WeAreDevs_API.dll
Resource
win7-20230220-en
Behavioral task
behavioral32
Sample
TGX V4 - v1.0.1/WeAreDevs_API.dll
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
TGX V4 - v1.0.1/Cake.Powershell.dll
-
Size
28KB
-
MD5
e670c1d9604c5b16161ec0e3ee380b5f
-
SHA1
553de7b1527aba7b4e65564cb6a18987fb28e3b8
-
SHA256
e1c4aa1cfc34c4380d919c1b3b6d9f85d436ce0fcf8c711f7a2bf56a21a04958
-
SHA512
ffe4ded1e6a932c83efb63444b194b0f58695784353af0a4454aed3ec3104205432237f776612f4cb1f405fe3ef13ba2d58c005bd913b0f6ff039a8ae0155d82
-
SSDEEP
384:VmbMVvW1gULM8tOVS3ozBVDqQqX8LE0y920aVfJUyqWRc3OVykL:VmYVvRSM8tOVS3oml8LEY7Vqec+x
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/DiscordRPC.dll
-
Size
289KB
-
MD5
a1c35901ad26a30c5b7836771b6badff
-
SHA1
94a57cd3452a53c209323a1ce738b9f0fb0d6087
-
SHA256
517240600b04d454cc5ab7b03e43c4af5a0b831fd2515f25c015a83652ad4cac
-
SHA512
0af73788858e85df874cc232f5d31765648ffbf53d7fdf388fc1b619f44b9ca172c3ac92c983cbeec5d22b6692cd7d3f20734c8e759fe9cf53ac2671d9c1d5e4
-
SSDEEP
6144:iiLsvWG766dSiKXs2Ol2JWzh0TWxwpeqN55I8pF+WVe2KN6nB/F:iiLmW8daXs2dWzx5M5I8P+WM2a6tF
-
Score
3/10
-
-
Target
TGX V4 - v1.0.1/Electron.dll
-
Size
10MB
-
MD5
422033e61c2e450c76066c28496979d2
-
SHA1
a2de1fbc7ad1c4049dd0f307428ab443cb7708e0
-
SHA256
c61dc15192473b4ddfbf4ddeab4f112f83990dc18a96853a2001098d40f77512
-
SHA512
3006fd98be5db6bb5b63b15787a37d741c821add95d860a4f735c2a80a4181383370410573e1ab609d27376e3f9cc58e1cba522ea4083b259f7fbb3c4dad6107
-
SSDEEP
196608:93bB67MXg4AcLcf8SXzZ4mbTyrdk0qDi+2cahKaY26XNhWOhdzldTR:93bGMXgRK2XKYTq+0qmDK2IbWY
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
TGX V4 - v1.0.1/Evon.dll
-
Size
4MB
-
MD5
b3f8a6d115f48ccb6a7d538fc79efeb7
-
SHA1
83a67aa87f0e8364ead923436176a94795468d82
-
SHA256
05c0ff3837fbf2014a565ca164786eb547f7514f0be4fc4d0ae2ca94cee96f9b
-
SHA512
8f79f4321f04c79a8ce9b90d0b8090f3c8ec522dc15cacdc6edaad85b855e6203b658db3d7073af1a420904edb94cdef402a3318d162a7c9ae64c2421c799f0f
-
SSDEEP
98304:ayMezJfM+xWEL5lOERWP5/Z5qckfXtyfIT1NWQJmF7ZGz5L:JMg+mDDdRk5BFoyfIxAQJeFML
-
Score
3/10
-
-
Target
TGX V4 - v1.0.1/ICSharpCode.AvalonEdit.dll
-
Size
605KB
-
MD5
8f36b03d547fb3e0f9654d4f3074b89f
-
SHA1
efa7dc54a626c20cbaec3b19b517a2ab64ac6e63
-
SHA256
941d014ff2689248704b92e4de92bc7a6015a4fcd31dec426ef2d727acc04231
-
SHA512
27c3020357d19a1498fff8c70d86e501b2b691a179fcf82d4590f371df6130157e7a88c97d5d22c9dcebd4d94af54d2aff90bb12589b88e6b65f3f50e9067509
-
SSDEEP
6144:kiYcovb1WrZKNhU7nMjaR6dmnItzdSdoO+MSHMb5RKs8rvD288LPnM+k3XjXAUiW:kPcovbRon6cSEKvrvS88Lf1ltm
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Newtonsoft.Json.dll
-
Size
685KB
-
MD5
081d9558bbb7adce142da153b2d5577a
-
SHA1
7d0ad03fbda1c24f883116b940717e596073ae96
-
SHA256
b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
-
SHA512
2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
-
SSDEEP
12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/Aimbot 3.0.txt
-
Size
98KB
-
MD5
a026af0c23f83d6ec3ee17a4453c7dcf
-
SHA1
e707b0ebf1eac194e90c70767ee29a1c37e1a4a2
-
SHA256
81fe4c1f8cbcf06e43a347fd8c39ceef960995031ae71db385c28636dfce3ec8
-
SHA512
9817501504aa1b4777f8d0b10c9776d224e0aa38e9ca91a6c80d472d5b5ceafac2e507c335a2bd9959073d74912825e1361bae699404b8c3bcdd9306b85c1b79
-
SSDEEP
1536:3N+t5Lq6w48qJ4UJe6wyG9EeG251GX/J3GC1Zqn+MVpx2RnB:kt5L0UJe6wyG9EeG251GX/J3GC1ciVB
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/Aimbot.txt
-
Size
30KB
-
MD5
3ea5f844c18f550a3db09193c56594e8
-
SHA1
389968ae4228908180ba68ecfab2ddfabeb0966b
-
SHA256
d33d3205288b776d977ad0047647bc8d40b83bc7d4f190f86f1011c8b417e983
-
SHA512
8af81e52e74950a1961ad004400140386b0ad3d49d64e9617ad12d4550a4b1699eddf8e79849a32cdbdad034f25ee535430de9bef0513758e48b29a54d52b440
-
SSDEEP
768:DW6T+ELiUI29j8vVwP8UkSVDYtDkYNighmLlmyEDKtpWpJ7xwrs5SwG1NBbp0Bwh:iYTEK0y
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/CC Aimbot.txt
-
Size
23KB
-
MD5
3ab630b89a082862b82b552185ea4f84
-
SHA1
703658e38cb131e6e53491f437a2e7e80a19ba82
-
SHA256
54cba20aa0213ce83ed348763db0b17a55e4f39fbeae2ef0535ccf76b95bf622
-
SHA512
9c290dd73db4425643f52f5f72c9c4d55666071141f3efd696e4b757b46ebf9fc6bb964ed61f3d9e3ddcbdf4073850041a43b9df6dbf50fcace9382d875fe77b
-
SSDEEP
384:vP89lT07hqwp4EfExaDMluPQhKj8NTtXNKCkqJKcGfOtCZukLQKfb/eo5H+mYxsa:vP8XT07hqwp4EfExaDMluPQhKj8NTtXR
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/Dex Explorer v2.txt
-
Size
632KB
-
MD5
317fec7c823a6ba4ad613220b587a0e8
-
SHA1
3884e8a9a9122e7912c76c919f20c1b9d274f505
-
SHA256
5573cc6f439511c5ec73b0c88af87bce49cac37475aa32da5b75b931f632a3dc
-
SHA512
d5adc2137051ab321197d0a2261ab991f5bf16e0271485c64b66679d863efb58191fe269fc40aa39feefd380b28d33168a6910b7ec40dedd2974e6d1d2db0bad
-
SSDEEP
12288:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOCBkVgfgLcbVgBe28Vk9Gm1OvClEjmD1Szi:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOC0
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/Dex Explorer.txt
-
Size
2KB
-
MD5
2653a7d92c77ce2269e5d83f9276df81
-
SHA1
dc7789afa8887e2a2e3bf1146c2636ade1f50ec3
-
SHA256
9e7179b6dfc1ad3a0bd5182290bb335ccf3fd51ecfa7740b8271814a9a564f5d
-
SHA512
f025b189a5d31fceefb9cec270640b1f63552500657704833b68cd7820bb1c98abc33c8c2976d09b927ecfb2ac30f22c6b51da89d8c186093fc10fdc28d177c2
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/Mad City 2.txt
-
Size
266KB
-
MD5
1f2e26cfc004bdc2f2de0679c8ff2568
-
SHA1
82f610d4b99fd08b52ffdd7d23b9f036bdcf27ba
-
SHA256
629a0b979031a8b94d19e55cc1974c1361b491b005ca6b2f849265c5812b39f4
-
SHA512
155fd7696881f01e401028f39e123a3023d5f84dab1a41c8b0440587b00aa8d4bab6654414c6e5a49ffae69734cbf2f0dac68cb1106a717e4216c69ef762103b
-
SSDEEP
3072:VS2T6iABa4FZmn//HRR4OhRUU8EdPpES4xFdbIy91oH34O91N8sh/:VVTPzYZmnnoOLUzEdR34xFdbIUoXJisB
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/Scripts/TopKek V3.txt
-
Size
81KB
-
MD5
9e488b83078daf39e6f15f90c8d689cf
-
SHA1
8602a9d4ecb5c4ea52f096e60b72607731c62277
-
SHA256
c40fe38b134a8484794b773a363377ec8b37ed8bb5b5c88e182f4f7acc60b4c8
-
SHA512
a86b60e792572ecc512ffad6eab8c271da206fe108d03c9c0156b5eea7a889c61943e88480a14f51ca787c79d084bc099cd3b01e7b5569e6149b3b079a45839a
-
SSDEEP
768:l9dGinWaivTGFMoN6x94g+SnITXinAUJj0WFtdefC3ELZ7KhJDr0RzKokMy23ckW:Y3sr7b8W2PSh0gpNtiVtB
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/System.Management.Automation.dll
-
Size
352KB
-
MD5
835e9ede7e7c774e7a2d56cfdf6e9b17
-
SHA1
a43ed886b68c6ee913da85df9ad2064f1d81c470
-
SHA256
c3a5868584a777422cebcf31d6718fd2b26d5e2314d3b5ba6d8e47aa40faba0c
-
SHA512
74284fd44497beb74326d11a0f63d96aff20aa44cfa8385f6b63b7e6743403c36e2ea4fb0d991767117a97d320e04d2b21f0a4730916244af4ffdaf51e834a26
-
SSDEEP
3072:d/SDqTIE+QQVVBCTmAG17iT+Lt8D/1L2iLZdrs81sDotEKjRmarzRm+5gSBZqoEJ:d/PXS6WK2iLZdgotEKj9rzRmkgSBAot
-
Score
1/10
-
-
Target
TGX V4 - v1.0.1/TGX.exe
-
Size
686KB
-
MD5
358553a814a08049588884804d3d1313
-
SHA1
a59adcb156b401342e5c49cbf450c2c8f6510b20
-
SHA256
1109750a2a9f11f1bded96bba40ccc4e03a5445ff3c77a40fe0483c969067cac
-
SHA512
551b7fc34241b330a9235aa66d8cabb0bca610fe4294534e94724ba68fa80581dc218aa2aa6dbd613434bedee01c1a34a254fae3fff6aed0563fe1c588098d6a
-
SSDEEP
12288:Jjjfq6jHHj3AoQaOpNXKpYri+OpKY/JfFH1LGOUbPF8wTbHGQ:BtLvs/Xxri+OpKsFdGPbWgbHG
-
Score
8/10
-
Downloads MZ/PE file
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
TGX V4 - v1.0.1/WeAreDevs_API.dll
-
Size
605KB
-
MD5
f263efb1b579cc33a0f1024c2a18d03b
-
SHA1
e9dc916b6d4606ba47e30787387dcfd490bafc56
-
SHA256
f2732f9e3a87d874a3108f8ff0be200bcab9d07fe77b02aaacd94da1efcb3963
-
SHA512
09a3d948b52b16136f2ce9ecdb094a99092a4a9cf6f324e67a0a5d04d244cf4c3fd2696010f1884272240c3bc24fdaf1edc9ac102bc438564e7fc0be7b2fca34
-
SSDEEP
12288:F+RkGrbk/x95DR7XZdfrXg+JwuKt/S/60pR5kjo5Bda7EptO:okyk/x9L7Xfw+Jwz/S/69k5BkApt
-
Score
1/10