General

  • Target

    toolz.rar

  • Size

    47.1MB

  • MD5

    b3671d6ef28f6f6afe1335db463a1a73

  • SHA1

    c7daa0e64c39607a70ab471796a5751fdb045ee8

  • SHA256

    6673dece19e1133b8bcd11bab0ec20e4c0b71cdc1e6d074c7a02eb11fcc2cb1c

  • SHA512

    838c16ba50d0962a1b77f147f6df6661a9f5b4b0a76edfc82868ff5377da46f7b2934f9d12fe98bd67cbed8a88d6449f7fd61926ec80be13af8202664350c77f

  • SSDEEP

    786432:RHcwknN5wbsSIv76WOleYSaNOx18H2RXnPGE7X/HcbUxEUrNmHQoNaQ+eHF:hcDubsD76XlPSRxfz/zxEsNAl4G

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • toolz.rar
    .rar
  • toolz/Mango/MangoKeywordsGUI.exe
    .exe windows:6 windows x64 arch:x64

    115164967564701371491048c68fe8b7



  • toolz/Mango/MangoKeywordsTUI.exe
    .exe windows:6 windows x64 arch:x64

    d721d174ff2a039a78f2aee68ce56c7f



  • toolz/Mango/antipublic
  • toolz/Mango/config.yml
  • toolz/Mango/dork maker/domains.txt
  • toolz/Mango/dork maker/dork_types.txt
  • toolz/Mango/dork maker/dorktypes/Country Target.txt
  • toolz/Mango/dork maker/dorktypes/Non Country Target.txt
  • toolz/Mango/dork maker/keywords.txt
  • toolz/Mango/dork maker/page_types.txt
  • toolz/Mango/dork maker/parameters.txt
  • toolz/Mango/dork maker/search_functions.txt
  • toolz/Mango/hq.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 05;59;10/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;00;40/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;00;43/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;16;06/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;16;47/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;23;47/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-06-03 06;27;16/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-18 20;42;54/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-18 20;46;17/dorks.txt
    .vbs
  • toolz/Mango/results/Dork Maker/2024-08-18 20;46;20/dorks.txt
    .vbs
  • toolz/Mango/results/Dork Maker/2024-08-18 22;46;47/dorks.txt
    .vbs
  • toolz/Mango/results/Dork Maker/2024-08-19 11;08;38/dorks.txt
    .vbs
  • toolz/Mango/results/Dork Maker/2024-08-19 13;31;25/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-20 11;56;11/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-20 15;28;24/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-20 15;33;57/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-22 22;01;47/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-22 22;11;02/dorks.txt
  • toolz/Mango/results/Dork Maker/2024-08-22 22;24;31/dorks.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;07;54/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;09;30/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;12;51/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;13;46/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;14;56/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;17;39/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-18 20;37;45/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-19 10;47;04/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-20 11;16;41/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-20 11;17;41/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-20 11;20;02/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-20 11;24;46/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-22 22;05;42/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-22 22;06;53/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-22 22;06;58/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-22 22;08;39/keywords.txt
  • toolz/Mango/results/Keyword Diarrhea/2024-08-25 12;22;47/keywords.txt
  • toolz/SAS/SwissArmySuite.exe
    .exe windows:6 windows x64 arch:x64

    144fe3a3407aa10f55026610f4491514



  • toolz/SAS/antipub.db
  • toolz/SAS/config.json
  • toolz/SAS/crash-1724084383.txt
  • toolz/SAS/dorks Parameters.txt
  • toolz/SAS/dorks.txt
  • toolz/SAS/keywords.txt
  • toolz/SAS/output/urls/2024-08-18_20-57-51/all.txt
  • toolz/SAS/output/urls/2024-08-18_20-57-51/filtered.txt
  • toolz/SAS/output/urls/2024-08-18_21-27-02/all.txt
  • toolz/SAS/output/urls/2024-08-18_21-27-02/filtered.txt
  • toolz/SAS/output/urls/2024-08-18_21-55-09/all.txt
  • toolz/SAS/output/urls/2024-08-18_21-55-09/filtered.txt
  • toolz/SAS/output/urls/2024-08-18_22-03-04/all.txt
  • toolz/SAS/output/urls/2024-08-18_22-03-04/filtered.txt
  • toolz/SAS/output/urls/2024-08-18_22-23-40/all.txt
  • toolz/SAS/output/urls/2024-08-18_22-23-40/filtered.txt
  • toolz/SAS/output/urls/2024-08-18_22-51-12/all.txt
  • toolz/SAS/output/urls/2024-08-18_22-51-12/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_11-13-46/all.txt
  • toolz/SAS/output/urls/2024-08-19_11-13-46/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_12-47-11/all.txt
  • toolz/SAS/output/urls/2024-08-19_12-47-11/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_13-34-03/all.txt
  • toolz/SAS/output/urls/2024-08-19_13-34-03/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_14-44-18/all.txt
  • toolz/SAS/output/urls/2024-08-19_14-44-18/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_15-36-50/all.txt
  • toolz/SAS/output/urls/2024-08-19_15-36-50/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_15-46-08/all.txt
  • toolz/SAS/output/urls/2024-08-19_15-46-08/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_15-55-28/all.txt
  • toolz/SAS/output/urls/2024-08-19_15-55-28/filtered.txt
  • toolz/SAS/output/urls/2024-08-19_16-20-32/all.txt
  • toolz/SAS/output/urls/2024-08-19_16-20-32/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_12-05-49/all.txt
  • toolz/SAS/output/urls/2024-08-20_12-05-49/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_13-43-23/all.txt
  • toolz/SAS/output/urls/2024-08-20_13-43-23/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_13-49-50/all.txt
  • toolz/SAS/output/urls/2024-08-20_13-49-50/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_15-35-36/all.txt
  • toolz/SAS/output/urls/2024-08-20_15-35-36/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_17-36-54/all.txt
  • toolz/SAS/output/urls/2024-08-20_17-36-54/filtered.txt
  • toolz/SAS/output/urls/2024-08-20_19-32-41/all.txt
  • toolz/SAS/output/urls/2024-08-20_19-32-41/filtered.txt
  • toolz/SAS/output/urls/2024-08-22_22-02-50/all.txt
  • toolz/SAS/output/urls/2024-08-22_22-02-50/filtered.txt
  • toolz/SAS/output/urls/2024-08-22_22-11-52/all.txt
  • toolz/SAS/output/urls/2024-08-22_22-11-52/filtered.txt
  • toolz/SAS/output/urls/2024-08-23_13-12-09/all.txt
  • toolz/SAS/output/urls/2024-08-23_13-12-09/filtered.txt
  • toolz/SAS/output/urls/2024-08-23_13-19-45/all.txt
  • toolz/SAS/output/urls/2024-08-23_13-19-45/filtered.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/access.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/all.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/mssql.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/mysql.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/oracle.txt
  • toolz/SAS/output/vulns/2024-06-01_20-02-55/wafs.txt
  • toolz/SAS/output/vulns/2024-06-03_06-33-01/all.txt
  • toolz/SAS/output/vulns/2024-06-03_06-33-01/mysql.txt
  • toolz/SAS/output/vulns/2024-06-03_06-33-01/oracle.txt
  • toolz/SAS/output/vulns/2024-06-03_06-33-01/pgsql.txt
  • toolz/SAS/output/vulns/2024-06-03_06-33-01/wafs.txt
  • toolz/SAS/output/vulns/2024-08-19_00-12-26/wafs.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/all.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/mssql.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/mysql.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/oracle.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/pgsql.txt
  • toolz/SAS/output/vulns/2024-08-19_19-23-14/wafs.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/access.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/all.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/mssql.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/mysql.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/oracle.txt
  • toolz/SAS/output/vulns/2024-08-20_20-46-22/wafs.txt
  • toolz/SAS/output/vulns/2024-08-21_15-32-59/access.txt
  • toolz/SAS/output/vulns/2024-08-21_15-32-59/all.txt
  • toolz/SAS/output/vulns/2024-08-21_15-32-59/mssql.txt
  • toolz/SAS/output/vulns/2024-08-21_15-32-59/mysql.txt
  • toolz/SAS/output/vulns/2024-08-22_23-17-59/wafs.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/access.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/all.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/mssql.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/mysql.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/oracle.txt
  • toolz/SAS/output/vulns/2024-08-23_14-15-47/wafs.txt
  • toolz/Switcher/c.txt
  • toolz/Switcher/main.py
  • toolz/Switcher/start.bat
  • toolz/Xdg/D3Dcompiler_47.dll
    .dll windows:6 windows x64 arch:x64

    2ce80dc262aecd9b9f45ee13d6b30c08


    Code Sign


  • toolz/Xdg/Qt5Core.dll
    .dll windows:4 windows x64 arch:x64

    b7ac1f6bc8d5bde8deea38e9becbff05


    Code Sign


  • toolz/Xdg/Qt5Gui.dll
    .dll windows:4 windows x64 arch:x64

    b192b7a223ad8e5f7bebfd2048125db2


    Code Sign


  • toolz/Xdg/Qt5Svg.dll
    .dll windows:4 windows x64 arch:x64

    1b3e826d61c2f23d106a38573ef5c948


    Code Sign


  • toolz/Xdg/Qt5Widgets.dll
    .dll windows:4 windows x64 arch:x64

    bfceba1ec7cd998737e020f4612d0f7d


    Code Sign


  • toolz/Xdg/XDumpGO.exe
    .exe windows:6 windows x64 arch:x64

    b9d4eeaa3db6d040b2759a7208504f5c



  • toolz/Xdg/all.txt
  • toolz/Xdg/ap.db
  • toolz/Xdg/config.json
  • toolz/Xdg/iconengines/qsvgicon.dll
    .dll windows:4 windows x64 arch:x64

    b077a8cc9d0019528b23cbf254e4ad4b


    Code Sign


  • toolz/Xdg/imageformats/qgif.dll
    .dll windows:4 windows x64 arch:x64

    4329ef02212194427be44a36e0b9a121


    Code Sign


  • toolz/Xdg/imageformats/qicns.dll
    .dll windows:4 windows x64 arch:x64

    10d9b698ddb07a2fd3705f32d5790c63


    Code Sign


  • toolz/Xdg/imageformats/qico.dll
    .dll windows:4 windows x64 arch:x64

    6b05618cc8a008ebc8833ded1ed2aa60


    Code Sign


  • toolz/Xdg/imageformats/qjpeg.dll
    .dll windows:4 windows x64 arch:x64

    8df33cd6e02f67d2b98520b1edfe03da


    Code Sign


  • toolz/Xdg/imageformats/qsvg.dll
    .dll windows:4 windows x64 arch:x64

    6f65fb0cf0449facddbfc1671c62c47e


    Code Sign


  • toolz/Xdg/imageformats/qtga.dll
    .dll windows:4 windows x64 arch:x64

    205a8e82b8dc38d9ed8492a53a119707


    Code Sign


  • toolz/Xdg/imageformats/qtiff.dll
    .dll windows:4 windows x64 arch:x64

    ab6717420fe07c98b487e22dab9c49d0


    Code Sign


  • toolz/Xdg/imageformats/qwbmp.dll
    .dll windows:4 windows x64 arch:x64

    9751f719631286f37a41d22090e35bfd


    Code Sign


  • toolz/Xdg/imageformats/qwebp.dll
    .dll windows:4 windows x64 arch:x64

    34b624b4badc306a57f11d7b395f42d2


    Code Sign


  • toolz/Xdg/injectables/inj-2024-08-08 819-37-03PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 819-53-27PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-18-44PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-19-49AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-20-15PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-28-11PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-39-11PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 820-59-59PM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-11-31AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-12-24AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-20-20AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-25-55AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-26-47AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-33-27AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-35-04AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-36-17AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-38-24AM.txt
  • toolz/Xdg/injectables/inj-2024-08-08 821-44-19AM.txt
  • toolz/Xdg/libEGL.dll
    .dll windows:4 windows x64 arch:x64

    eb91385afce4cfa47954ba8506eeb2bd


    Code Sign


  • toolz/Xdg/libGLESV2.dll
    .dll windows:4 windows x64 arch:x64

    dc80800d96a4e83457229bbf61bc051c


    Code Sign


  • toolz/Xdg/libgcc_s_seh-1.dll
    .dll windows:4 windows x64 arch:x64

    b8547353b6beb87cf7560462f9aacd11



  • toolz/Xdg/libstdc++-6.dll
    .dll windows:4 windows x64 arch:x64

    2ef0ef5b02a4c5c00c38f44ef05e3590



  • toolz/Xdg/libwinpthread-1.dll
    .dll windows:4 windows x64 arch:x64

    dd7ccacfff5cb681a985c52c384afacb



  • toolz/Xdg/opengl32sw.dll
    .dll windows:6 windows x64 arch:x64

    7c204a15e246f025a7513db5a566a6e9



  • toolz/Xdg/platforms/qwindows.dll
    .dll windows:4 windows x64 arch:x64

    f2da56ed0baa3e99a91acffa533db2e7


    Code Sign


  • toolz/Xdg/styles/qwindowsvistastyle.dll
    .dll windows:4 windows x64 arch:x64

    fb7a74935a4141e9268a43927b7d5a71


    Code Sign


  • toolz/Xdg/translations/qt_ar.qm
  • toolz/Xdg/translations/qt_bg.qm
  • toolz/Xdg/translations/qt_ca.qm
  • toolz/Xdg/translations/qt_cs.qm
  • toolz/Xdg/translations/qt_da.qm
  • toolz/Xdg/translations/qt_de.qm
  • toolz/Xdg/translations/qt_en.qm
  • toolz/Xdg/translations/qt_es.qm
  • toolz/Xdg/translations/qt_fi.qm
  • toolz/Xdg/translations/qt_fr.qm
  • toolz/Xdg/translations/qt_gd.qm
  • toolz/Xdg/translations/qt_he.qm
  • toolz/Xdg/translations/qt_hu.qm
  • toolz/Xdg/translations/qt_it.qm
  • toolz/Xdg/translations/qt_ja.qm
  • toolz/Xdg/translations/qt_ko.qm
  • toolz/Xdg/translations/qt_lv.qm
  • toolz/Xdg/translations/qt_pl.qm
  • toolz/Xdg/translations/qt_ru.qm
  • toolz/Xdg/translations/qt_sk.qm
  • toolz/Xdg/translations/qt_uk.qm
  • toolz/Xdg/translations/qt_zh_TW.qm