Resubmissions

18-05-2024 01:48

240518-b8ehbsee95 10

18-05-2024 01:47

240518-b7snkaee49 10

18-05-2024 01:40

240518-b3mlraec26 10

General

  • Target

    XcHvYYrNa.exe

  • Size

    111KB

  • Sample

    240518-b3mlraec26

  • MD5

    98e558eaea97f0b282b42fa6d49070b6

  • SHA1

    2e48bb1b50177fe17392ac9407ba9f7e45685a3a

  • SHA256

    d50d11636b59a11c81577342de7c72f694c99540311c2c3ffa53126e8cc394f1

  • SHA512

    01dcd7a191ef331fe7626f760064e4368cd06c7a30374b74074d6dddf35683b443fb8c0677d1a7bfa88eac81f482dadf6788f343d9958fc9818be749ac7e9882

  • SSDEEP

    1536:v+bDH/4gqLM91qQIwBI5xxxxdyyKDWfebhDqI68QWfzCrAZuYPwDr:Wb7/4jLSIFxxj8bxqH8QWfzCrAZuYUr

Score
10/10

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot6444357834:AAGtL3te5_xl4dvacn8BJElHrky5SlLcE_4/sendMessage?chat_id=5563559839

Targets

    • Target

      XcHvYYrNa.exe

    • Size

      111KB

    • MD5

      98e558eaea97f0b282b42fa6d49070b6

    • SHA1

      2e48bb1b50177fe17392ac9407ba9f7e45685a3a

    • SHA256

      d50d11636b59a11c81577342de7c72f694c99540311c2c3ffa53126e8cc394f1

    • SHA512

      01dcd7a191ef331fe7626f760064e4368cd06c7a30374b74074d6dddf35683b443fb8c0677d1a7bfa88eac81f482dadf6788f343d9958fc9818be749ac7e9882

    • SSDEEP

      1536:v+bDH/4gqLM91qQIwBI5xxxxdyyKDWfebhDqI68QWfzCrAZuYPwDr:Wb7/4jLSIFxxj8bxqH8QWfzCrAZuYUr

    Score
    10/10
    • ToxicEye

      ToxicEye is a trojan written in C#.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks