toxiceye | hxxps://mega[.]nz/file/y2gzzDYb#JQaLxiA0teFCssQK0NRwWLJJMsYZDjFers2A-gDz3fM | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://mega.nz/file...

windows10-ltsc 2021-x64

3

https://mega.nz/file...

windows11-21h2-x64

Sharing

General

Target

https://mega.nz/file/y2gzzDYb#JQaLxiA0teFCssQK0NRwWLJJMsYZDjFers2A-gDz3fM
Sample

250201-vgqk3atlcr

Score

10^/10

toxiceye defense_evasion discovery rat trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://mega.nz/file/y2gzzDYb#JQaLxiA0teFCssQK0NRwWLJJMsYZDjFers2A-gDz3fM

Resource

win10ltsc2021-20250128-en

windows10-ltsc 2021-x64

7 signatures

600 seconds

Behavioral task

behavioral2

Sample

https://mega.nz/file/y2gzzDYb#JQaLxiA0teFCssQK0NRwWLJJMsYZDjFers2A-gDz3fM

Resource

win11-20241007-en

toxiceye defense_evasion discovery rat trojan

windows11-21h2-x64

22 signatures

600 seconds

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot7950582701:AAFn4xZmuuHEE2nNVozg9gM3rt14h3XD1Vo/sendMessage?chat_id=7697201963

Targets

- Target
  
  https://mega.nz/file/y2gzzDYb#JQaLxiA0teFCssQK0NRwWLJJMsYZDjFers2A-gDz3fM
Score

10^/10

discovery toxiceye defense_evasion rat trojan
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- ToxicEye
  ToxicEye is a trojan written in C#.
  rat trojan toxiceye
- Toxiceye family
  toxiceye
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

behavioral2

toxiceyedefense_evasiondiscoveryrattrojan

© 2018-2025

Terms | Privacy