Extracted

• • Target

    TelegramRAT.exe

  • Size

    119KB

  • MD5

    57ec698eadd8a43268b10ee599c5e2b3

  • SHA1

    6bcc4f0da802feb01914faf33eb2c32aafdbf707

  • SHA256

    31312ebd622e3183979c4881b32bf5a9cb33c45b9216cac1dd33af4d12da77be

  • SHA512

    b19a4a45003592c9b3b4fdc1ee65461f459f8e41c759571ae0b3925be716b353620a9f1e1fe59fc49901a28aead8d5ed56bac4d5ff1fa123b29046f3a44cd8a6

  • SSDEEP

    3072:+nKxltkwILOo2qmm+G/bxqHhQWqzCrAZuu7Y:Zti2xe/bge

  Score

  10^/10

  toxiceyediscoveryrattrojan

  • ToxicEye

    ToxicEye is a trojan written in C#.

    rattrojantoxiceye

  • Toxiceye family

    toxiceye

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Enumerates processes with tasklist

    discovery
  behavioral1