Overview

overview

10

Static

static

10

Sh1zoRat.exe

windows7-x64

10

Sh1zoRat.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sh1zoRat.exe

  • Size

    119KB

  • Sample

    240522-jxvdeahb6s

  • MD5

    f548ca220d471a524cb1c7d8ff613721

  • SHA1

    3040c8945b16a58f44dd4f1ae5a7b0faf61b405e

  • SHA256

    5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b

  • SHA512

    b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158

  • SSDEEP

    3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL

Score
10/10
toxiceyerattrojan

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot6444357834:AAGtL3te5_xl4dvacn8BJElHrky5SlLcE_4/sendMessage?chat_id=5974265372

Targets

    • Target

      Sh1zoRat.exe

    • Size

      119KB

    • MD5

      f548ca220d471a524cb1c7d8ff613721

    • SHA1

      3040c8945b16a58f44dd4f1ae5a7b0faf61b405e

    • SHA256

      5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b

    • SHA512

      b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158

    • SSDEEP

      3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL

    Score
    10/10
    toxiceyerattrojan

    • ToxicEye

      ToxicEye is a trojan written in C#.

      rattrojantoxiceye

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks