Overview

overview

10

Static

static

10

41bd68b9e0...b0.exe

windows7-x64

10

41bd68b9e0...b0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    41bd68b9e01c2019478cb811b44cffb0.bin

  • Size

    119KB

  • Sample

    240509-cc1lcseg67

  • MD5

    41bd68b9e01c2019478cb811b44cffb0

  • SHA1

    6fa177eb529a76f734361fc321854a4b0d938fad

  • SHA256

    c83adba97cd5425d70aa5f5cc452554573e61312c835e18d9d050edf84924fc5

  • SHA512

    e4134d34f2fe34f6cd630547abe82f868646d6ee72a173c90280847eaa6caad6297f94e0f285de340a90a1717e0f40bb7d2297a53c8b2395e8a74628b72f9812

  • SSDEEP

    3072:ZaztXZwwoPpqDecIIbxqH4QWVzCrAZuD4x:U1nDeBIbUk

Score
10/10
toxiceyerattrojan

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot7005624592:AAFT1GroRFjOnavaa8nJipFR-iCuYT3f2xQ/sendMessage?chat_id=6235796510

Targets

    • Target

      41bd68b9e01c2019478cb811b44cffb0.bin

    • Size

      119KB

    • MD5

      41bd68b9e01c2019478cb811b44cffb0

    • SHA1

      6fa177eb529a76f734361fc321854a4b0d938fad

    • SHA256

      c83adba97cd5425d70aa5f5cc452554573e61312c835e18d9d050edf84924fc5

    • SHA512

      e4134d34f2fe34f6cd630547abe82f868646d6ee72a173c90280847eaa6caad6297f94e0f285de340a90a1717e0f40bb7d2297a53c8b2395e8a74628b72f9812

    • SSDEEP

      3072:ZaztXZwwoPpqDecIIbxqH4QWVzCrAZuD4x:U1nDeBIbUk

    Score
    10/10
    toxiceyerattrojan

    • ToxicEye

      ToxicEye is a trojan written in C#.

      rattrojantoxiceye

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks