toxiceye | d5210ceacbac1b615fc7286df0435b5fb0562ee8cf90e4f8242c544ea906e43b | Triage

Submit
Reports

Overview

overview

Static

static

GPT4ALL.exe

windows7-x64

GPT4ALL.exe

windows10-2004-x64

Sharing

General

Target

GPT4ALL.exe
Size

111KB
Sample

240523-tbxlragc6t
MD5

c82f0edecbf1280b75b0bbd04b030f19
SHA1

6cd8cf4e48103e92f48951428bfb594aea0e313b
SHA256

d5210ceacbac1b615fc7286df0435b5fb0562ee8cf90e4f8242c544ea906e43b
SHA512

1583eefc55fbe37a810cffe31f957f299091ecf8e7b293f150f473318daec3f085a015ef8b37022f7c5f80093abe0076f7d6566b23b96a7e5fde2394d3d5f4db
SSDEEP

3072:ZbKoYUuQaS+T8s14NEn05vYvjNhOYhbxqHRQWtzCrAZu9d2:zYUuQaS+T8s14NEn0RyNVbgz

Score

10^/10

toxiceye rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

GPT4ALL.exe

Resource

win7-20240220-en

toxiceye rat trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

GPT4ALL.exe

Resource

win10v2004-20240226-en

toxiceye rat trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot6874514158:AAF3aMojFRhYPPKLlQHDrhjxEaY4YfxO8Og/sendMessage?chat_id=6875765187

Targets

- Target
  
  GPT4ALL.exe
- Size
  
  111KB
- MD5
  
  c82f0edecbf1280b75b0bbd04b030f19
- SHA1
  
  6cd8cf4e48103e92f48951428bfb594aea0e313b
- SHA256
  
  d5210ceacbac1b615fc7286df0435b5fb0562ee8cf90e4f8242c544ea906e43b
- SHA512
  
  1583eefc55fbe37a810cffe31f957f299091ecf8e7b293f150f473318daec3f085a015ef8b37022f7c5f80093abe0076f7d6566b23b96a7e5fde2394d3d5f4db
- SSDEEP
  
  3072:ZbKoYUuQaS+T8s14NEn05vYvjNhOYhbxqHRQWtzCrAZu9d2:zYUuQaS+T8s14NEn0RyNVbgz
Score

10^/10

toxiceye rat trojan
- ToxicEye
  ToxicEye is a trojan written in C#.
  rat trojan toxiceye
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

toxiceyerattrojan

behavioral2

toxiceyerattrojan

© 2018-2024

Terms | Privacy