Overview

overview

10

Static

static

10

6538369d45...KI.exe

windows7-x64

10

6538369d45...KI.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6538369d45139f5c9e24a65b13fbd090_NEIKI

  • Size

    111KB

  • Sample

    240508-1j9dvaha3z

  • MD5

    6538369d45139f5c9e24a65b13fbd090

  • SHA1

    1c0972a20fc8278947a66a95f87eadcbea3a8861

  • SHA256

    1e381576d27967ba71cf844ff6a5a217062b78d4d1e3b91fefe4400a0929b50b

  • SHA512

    31e00cb69aab15d435f511258bb7d067d59294dbe306d3127d467a9aa482e6c8c4f87b23b46550196a86d5d0bfc003527b1fae5dfd51204a38b86504bdece384

  • SSDEEP

    3072:2b/YUuQaS+T8sBkGncdNujNhOYhbxqH7QWEzCrAZuYil:qYUuQaS+T8sBkGncYNVbgW

Score
10/10
toxiceyerattrojan

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot6614924384:AAFfRfKSXv_nYZghPcfGxWb5r0pZZqztlKU/sendMessage?chat_id=5006597517

Targets

    • Target

      6538369d45139f5c9e24a65b13fbd090_NEIKI

    • Size

      111KB

    • MD5

      6538369d45139f5c9e24a65b13fbd090

    • SHA1

      1c0972a20fc8278947a66a95f87eadcbea3a8861

    • SHA256

      1e381576d27967ba71cf844ff6a5a217062b78d4d1e3b91fefe4400a0929b50b

    • SHA512

      31e00cb69aab15d435f511258bb7d067d59294dbe306d3127d467a9aa482e6c8c4f87b23b46550196a86d5d0bfc003527b1fae5dfd51204a38b86504bdece384

    • SSDEEP

      3072:2b/YUuQaS+T8sBkGncdNujNhOYhbxqH7QWEzCrAZuYil:qYUuQaS+T8sBkGncYNVbgW

    Score
    10/10
    toxiceyerattrojan

    • ToxicEye

      ToxicEye is a trojan written in C#.

      rattrojantoxiceye

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks