toxiceye | 214cd570dd081fdde7641308a69ec11f27359e77251e6f21560065336c5b1760 | Triage

Submit
Reports

Overview

overview

Static

static

TelegramRAT.exe

windows10-2004-x64

Sharing

General

Target

TelegramRAT.exe
Size

111KB
Sample

250110-la58hasmfk
MD5

48956d16278bdeb1f20efa2100a48f77
SHA1

24d9416bf14e6a0d8a9b4970e427adf2bfc8198f
SHA256

214cd570dd081fdde7641308a69ec11f27359e77251e6f21560065336c5b1760
SHA512

0f809d1b3d0495d7247dc150f51a4633652f1aa942983796b0ba785216e334089c1af03e82e16267dad9052ccb576b09dfdd63dee01d834385819f3e7ffcdc88
SSDEEP

3072:Fb5EHVelXr0ZxjQbxqHUVQWJzCrAZuhNdfm9jAbh0:PEHVelbAUbU0D

Score

10^/10

toxiceye discovery rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

TelegramRAT.exe

Resource

win10v2004-20241007-en

toxiceye discovery rat trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot7803199494:AAF60TOiu94ys8A9DeptAR86ERQjmvZMxEo/sendMessage?chat_id=1687153050

Targets

- Target
  
  TelegramRAT.exe
- Size
  
  111KB
- MD5
  
  48956d16278bdeb1f20efa2100a48f77
- SHA1
  
  24d9416bf14e6a0d8a9b4970e427adf2bfc8198f
- SHA256
  
  214cd570dd081fdde7641308a69ec11f27359e77251e6f21560065336c5b1760
- SHA512
  
  0f809d1b3d0495d7247dc150f51a4633652f1aa942983796b0ba785216e334089c1af03e82e16267dad9052ccb576b09dfdd63dee01d834385819f3e7ffcdc88
- SSDEEP
  
  3072:Fb5EHVelXr0ZxjQbxqHUVQWJzCrAZuhNdfm9jAbh0:PEHVelbAUbU0D
Score

10^/10

toxiceye discovery rat trojan
- ToxicEye
  ToxicEye is a trojan written in C#.
  rat trojan toxiceye
- Toxiceye family
  toxiceye
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

toxiceyediscoveryrattrojan

© 2018-2025

Terms | Privacy