Overview

overview

10

Static

static

10

TelegramRAT.exe

windows7-x64

10

TelegramRAT.exe

windows10-2004-x64

Analysis

  • max time kernel
    0s
  • max time network
    0s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/01/2025, 18:28 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TelegramRAT.exe

  • Size

    111KB

  • MD5

    e3d580a17a351366392ec9e2af674524

  • SHA1

    354e8f441c2fa510e1b3ecab222280649a7efb9a

  • SHA256

    6e644b385d296b76bb3ba68ff006d6b86de763c8b5792e07053e20e3d8218d75

  • SHA512

    a7e2726a2b28a39f6624f419ab9194b4c8e3d4c117e324c2719b3f944c5262cbc064df8989d34b984d8541767327d18381adf6678e4445dc8a49afe0a0824309

  • SSDEEP

    1536:dn+bAQACiEXM91qQIwvL9x1Cc0Di4OybhDqI64QW6zCrAZuQPEDrL:sbaCHXELrJp6bxqH4QW6zCrAZuQwv

Score
10/10
toxiceyerattrojan

Malware Config

Signatures

  • ToxicEye

    ToxicEye is a trojan written in C#.

    rattrojantoxiceye
  • Toxiceye family
    toxiceye
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe
    "C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2116-0-0x000007FEF6163000-0x000007FEF6164000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2116-1-0x0000000000AB0000-0x0000000000AD2000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2116-2-0x000007FEF6160000-0x000007FEF6B4C000-memory.dmp

    Filesize

    9.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.