toxiceye | 825509eb0672d6114194c773b017d5d41d9e67be4fe41f753f9c6bb37b1c32db | Triage

Submit
Reports

Overview

overview

Static

static

ChromeUpdate.exe

windows7-x64

ChromeUpdate.exe

windows10-2004-x64

Sharing

General

Target

ChromeUpdate.exe
Size

119KB
Sample

250105-p9ca9axjgq
MD5

a39f21db0576a82177ee4c806766d763
SHA1

ee4676f4dedd24003ce1bd972cbce95ef51fa07f
SHA256

825509eb0672d6114194c773b017d5d41d9e67be4fe41f753f9c6bb37b1c32db
SHA512

ea07e5d6f2b8ae0fbf8c1931d844bfbff920b3c9f83d10d38bd76828ed2d8a4b849251a87f5e2ad6bb1e9d9b1e5a75520baf2b70e063f44595e058c433be1133
SSDEEP

3072:IAWfRzlXCwwFwOwWAmm+G/bxqH8QWqzCrAZuuyn1:IAD1SWHe/bgRY

Score

10^/10

toxiceye discovery rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ChromeUpdate.exe

Resource

win7-20240903-en

toxiceye discovery rat trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ChromeUpdate.exe

Resource

win10v2004-20241007-en

toxiceye discovery rat trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot7742822790:AAHkizf3bilCkIqp8NNVcbWObKSVKo8Xifo/sendMessage?chat_id=7053620590

Targets

- Target
  
  ChromeUpdate.exe
- Size
  
  119KB
- MD5
  
  a39f21db0576a82177ee4c806766d763
- SHA1
  
  ee4676f4dedd24003ce1bd972cbce95ef51fa07f
- SHA256
  
  825509eb0672d6114194c773b017d5d41d9e67be4fe41f753f9c6bb37b1c32db
- SHA512
  
  ea07e5d6f2b8ae0fbf8c1931d844bfbff920b3c9f83d10d38bd76828ed2d8a4b849251a87f5e2ad6bb1e9d9b1e5a75520baf2b70e063f44595e058c433be1133
- SSDEEP
  
  3072:IAWfRzlXCwwFwOwWAmm+G/bxqH8QWqzCrAZuuyn1:IAD1SWHe/bgRY
Score

10^/10

toxiceye discovery rat trojan
- ToxicEye
  ToxicEye is a trojan written in C#.
  rat trojan toxiceye
- Toxiceye family
  toxiceye
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

toxiceyediscoveryrattrojan

behavioral2

toxiceyediscoveryrattrojan

© 2018-2025

Terms | Privacy