General

  • Target

    7lk7vT1.exe

  • Size

    119KB

  • Sample

    240518-r2zgxsgd88

  • MD5

    f548ca220d471a524cb1c7d8ff613721

  • SHA1

    3040c8945b16a58f44dd4f1ae5a7b0faf61b405e

  • SHA256

    5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b

  • SHA512

    b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158

  • SSDEEP

    3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL

Score
10/10

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot6444357834:AAGtL3te5_xl4dvacn8BJElHrky5SlLcE_4/sendMessage?chat_id=5974265372

Targets

    • Target

      7lk7vT1.exe

    • Size

      119KB

    • MD5

      f548ca220d471a524cb1c7d8ff613721

    • SHA1

      3040c8945b16a58f44dd4f1ae5a7b0faf61b405e

    • SHA256

      5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b

    • SHA512

      b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158

    • SSDEEP

      3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL

    Score
    10/10
    • ToxicEye

      ToxicEye is a trojan written in C#.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks