General
-
Target
7485b221926010f27cda7f15f35a5c465558eb8c20b4fc37053850ed2b4a211a
-
Size
111KB
-
Sample
241208-zsrdysypdr
-
MD5
86de4e40528fd099ae01872b6af837cf
-
SHA1
c616d8e3dc5643a15127dce69a327ce37a6b8ab8
-
SHA256
7485b221926010f27cda7f15f35a5c465558eb8c20b4fc37053850ed2b4a211a
-
SHA512
e9912f89c17ff6e7cd897d3256a2a4cd097090dcfee2a8dd85d98de0e618513efe8d3508cca5cbeb2711f27b4602c22cadd25f8eb1b417e7244da54a5db3a4c5
-
SSDEEP
1536:Y+bxQAsnqLoM91qQIwxHxZxdyyKDWfCbhDqI64QWEzCrAZuhn7Dr:PbTsnwo0RZxjQbxqH4QWEzCrAZuh/r
Behavioral task
behavioral1
Sample
7485b221926010f27cda7f15f35a5c465558eb8c20b4fc37053850ed2b4a211a.exe
Resource
win7-20240708-en
Malware Config
Extracted
toxiceye
https://api.telegram.org/bot7302074945:AAGKx5TnjPyRM_fqN4XQLd4uz-PUp4nl8w4/sendMessage?chat_id=6414125020
Targets
-
-
Target
7485b221926010f27cda7f15f35a5c465558eb8c20b4fc37053850ed2b4a211a
-
Size
111KB
-
MD5
86de4e40528fd099ae01872b6af837cf
-
SHA1
c616d8e3dc5643a15127dce69a327ce37a6b8ab8
-
SHA256
7485b221926010f27cda7f15f35a5c465558eb8c20b4fc37053850ed2b4a211a
-
SHA512
e9912f89c17ff6e7cd897d3256a2a4cd097090dcfee2a8dd85d98de0e618513efe8d3508cca5cbeb2711f27b4602c22cadd25f8eb1b417e7244da54a5db3a4c5
-
SSDEEP
1536:Y+bxQAsnqLoM91qQIwxHxZxdyyKDWfCbhDqI64QWEzCrAZuhn7Dr:PbTsnwo0RZxjQbxqH4QWEzCrAZuh/r
-
Toxiceye family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Enumerates processes with tasklist
-