General

  • Target

    magic.poisontoolz.com.zip

  • Size

    27.2MB

  • MD5

    a82bf9c19b63778d79f0ba71eb26bebf

  • SHA1

    86f0429c471435086ef5e55a5df55545672a9b22

  • SHA256

    84765d5c0c038297793d431f04f2096bfce69ca41c50696c36bc0f3ba1369c05

  • SHA512

    d0f21a99efce63b9bb0a567d276ecc0ec058b8f2cda12dc8fa3da58379f078e2c79f10bbc153d17cff36873a0da6a1696f837e9d1a7ed6c3bfa5ccb92887dced

  • SSDEEP

    786432:j4oK0cWJ/C70MsxUzD96xPq2jkzeG5+qT:EoZcWsNsxUv96wckF46

Score
3/10

Malware Config

Signatures

  • Unsigned PE (9 IoCs)

    Checks for missing Authenticode signature.

Files

  • magic.poisontoolz.com.zip
    .zip
  • magic.poisontoolz.com/Avjteuhlk.dat
  • magic.poisontoolz.com/Binded.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/Buildcrypt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/Docs.hta
    .html .vbs polyglot
  • magic.poisontoolz.com/Document.pdf
    .pdf
  • magic.poisontoolz.com/Evllmzg.wav
  • magic.poisontoolz.com/File1crypt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/File2crypt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/Files.hta
    .html .vbs polyglot
  • magic.poisontoolz.com/Jafxaspdhim.vdf
  • magic.poisontoolz.com/Otcck.wav
  • magic.poisontoolz.com/Pphucxdmff.dat
  • magic.poisontoolz.com/RIB.pdf
    .pdf
  • magic.poisontoolz.com/RagCrypt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/Spaufgty.wav
  • magic.poisontoolz.com/Utsxokye.wav
  • magic.poisontoolz.com/Walter.exe
    .exe windows:4 windows x64 arch:x64

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/Wjwxkhbvw.mp4
  • magic.poisontoolz.com/Wlkubkwdmop.mp4
  • magic.poisontoolz.com/binded.hta
    .html .vbs polyglot
  • magic.poisontoolz.com/building.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/down.PNG
    .png
  • magic.poisontoolz.com/fox.hta
    .html .vbs polyglot
  • magic.poisontoolz.com/xw.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • magic.poisontoolz.com/xw.hta
    .html .vbs polyglot
  • magic.poisontoolz.com/yagacrypt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

