General

  • Target

    TelegramRAT.exe

  • Size

    111KB

  • Sample

    240718-n56tmaxdll

  • MD5

    70e2065cad845ee34e4a39f9b8c963a3

  • SHA1

    c4fe48fc7ec3182670a1a6dc9ec26fde32ad653d

  • SHA256

    168a57c472350a733ffe154a065b243f0d64faf235004315471785abeb93fe19

  • SHA512

    f8bdfae8658f49d4a7a4b83fae078766fbdcfd6438090cc49971e57befc1fe13f22de66cba30b09c6cbf166dce6570a894d11d9985ce9db8a2ad8555d755252f

  • SSDEEP

    1536:Y+b6QDWv5IDlOM91qQIwOs0dxv72rEBDG+bhDqI6oQW8zCrAZuhazDy:Pb2IpORLv7ztbxqHoQW8zCrAZuhay

Score
10/10

Targets

    • Target

      TelegramRAT.exe

    • ToxicEye

      ToxicEye is a trojan written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE
