Overview

overview

10

Static

static

10

ida.exe

windows10-2004-x64

3

ida64.exe

windows10-2004-x64

3

idapyswitch.exe

windows10-2004-x64

1

idat.exe

windows10-2004-x64

1

idat64.exe

windows10-2004-x64

1

loaders/javaldr64.dll

windows10-2004-x64

1

loaders/lx.dll

windows10-2004-x64

1

loaders/lx64.dll

windows10-2004-x64

1

loaders/macho.dll

windows10-2004-x64

1

loaders/macho64.dll

windows10-2004-x64

1

loaders/mas.dll

windows10-2004-x64

1

loaders/mas64.dll

windows10-2004-x64

1

loaders/n64rom.dll

windows10-2004-x64

1

loaders/n64rom64.dll

windows10-2004-x64

1

loaders/ne.dll

windows10-2004-x64

1

loaders/ne64.dll

windows10-2004-x64

1

loaders/nlm.dll

windows10-2004-x64

1

loaders/nlm64.dll

windows10-2004-x64

1

loaders/omf.dll

windows10-2004-x64

1

loaders/omf64.dll

windows10-2004-x64

1

loaders/os9.dll

windows10-2004-x64

1

loaders/os964.dll

windows10-2004-x64

1

loaders/pdfldr.pdf

windows10-2004-x64

1

loaders/pe.dll

windows10-2004-x64

1

loaders/pe64.dll

windows10-2004-x64

1

loaders/pef.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ida.zip

  • Size

    371.4MB

  • Sample

    240225-qc1g9adb4x

  • MD5

    eac067070eaa34fca945e96d50462b11

  • SHA1

    c5d5bdf235f23bd3ec849d00f35d0dbbd6143a4e

  • SHA256

    2a20262c7cbd3ebd2ba5b36f3714731666fd53ab08bceebd9217dccb413cb754

  • SHA512

    6fb8ad9c57c9480f1cd13ca0fab1ba3c7fab7d3a3532d65a46df4fec275e70636cd91a78592fad7c109b3bd66b2403be1e0660bb9c8bb0a59cf9b72cc9889b17

  • SSDEEP

    6291456:9lthjbejIgL9Iu/y7zNsykVn4jjkCXXA4ULzVdTn7RgkdztD913IhtuDs/0HXiy2:9ljmjIAvy7C4jjkCXXDUFdTn1zztDL09

Score
10/10
industroyer

Malware Config

Targets

    • Target

      ida.exe

    • Size

      4.0MB

    • MD5

      05c7e465d9d88e94e064a99dc36f4ce1

    • SHA1

      e87ccd7bcfa05a30aa283c5e5953ba368ff75bed

    • SHA256

      d2650a12440bdc4f1b34456956221764c249060e808194b79152e9f679dd4e85

    • SHA512

      a9af650ea3518f88c5f8d9e1d059fd039c88d70b733ccec4107f75b14b6d9489a79dffa3ff5fbd7343ebeeb0ae90d26cdac64b79da006b5cb0c25316a66aacc4

    • SSDEEP

      49152:5MPnm/Zi34DKYj0ZkO4+XTcSq8EQtezdGfPko7FjOeBfDMmpwfFcnQOh6H6RBvV9:5smOqjcXA0nexReBv6avGBXMi+7Wg

    Score
    3/10
    behavioral1

    • Target

      ida64.exe

    • Size

      4.0MB

    • MD5

      23fe02467fb05b85cc78bcaaf1b015da

    • SHA1

      79399bce20c07e0845197f4b5ef3d2a2d780ef6a

    • SHA256

      c695b8de0b3cb3b152890625ec3e0495bad2cd1b257c89de3169b35e3d67b44c

    • SHA512

      cb38da2a0366c73ddcac2a7024d302b80ecb36e5d4dea4a161e468e989e94b8db31cef8326a6a4837a7e3ff59808bd90829311431007aa93b5a521490a1b1c63

    • SSDEEP

      49152:3JSx9rKN/uUVPb4QpuLuv9C1nq7IqqvAkuvnb6wPxLIfFvnP9bCxK/kLC/XIB9C:3Qx9asSFClEZlT5a8LaIBAazGXMZ8G

    Score
    3/10
    behavioral2

    • Target

      idapyswitch.exe

    • Size

      74KB

    • MD5

      3967934ad74f174116605d9eeb42f9cb

    • SHA1

      ee84845792e62c739e981d5b73f424225575d8c3

    • SHA256

      461dc7c20e5afcdb6f9602c1000e5b84ab7a4b335abd54f54370c1e4f5c622b9

    • SHA512

      24fc9ebe3ddf911dfcc1bf65527f340bd0edeb57e867d9a5d16623f4bddee5a7e6717bd49de7a5a54fbb3d61122c32bf38462af5a0b321a3f68708cb4053e880

    • SSDEEP

      1536:khfVyTC+bgIYH0X0y75kcpxrjQoj3AqwFsnq+s0rgXDVe/41:CehqWpFfbwr+s0rgTkg1

    Score
    1/10
    behavioral3

    • Target

      idat.exe

    • Size

      1.5MB

    • MD5

      fc974e7aba88b38aa169a9c43d060155

    • SHA1

      fc98c033c614eee76eb883fabce2799d53d440d7

    • SHA256

      8299f224241e3baa3ea55f608dd037b050a1429414eaa4259c7c3f3a6f309340

    • SHA512

      f080af5f325967a69a7c656a94f56c907edf269312b611e19faba30e3aad1b544b7772873da96255270abd5be8ba16fa389a31462c5c55d8197f7b31d8cc9913

    • SSDEEP

      24576:dbJzf3C558MTkQfVNurT2kG1//ZGq3uoBoQFploQiB3ZwWuI8npZOPHWxXBmgnTk:D3AlkQf/tkGJZGq+o2QFIQ0O/O/WdBrw

    Score
    1/10
    behavioral4

    • Target

      idat64.exe

    • Size

      1.5MB

    • MD5

      8fbe42d205f4f7f36b5da4f7909868ee

    • SHA1

      bde9d1b0b9c3e387339bae9d99592ecb2f2f9a58

    • SHA256

      58a554b08bfc98042f7bbe42e2cfc7c19e1cd2b4957632bb9792719903567b76

    • SHA512

      b799eec49aaa9fb8ee7cf7bb5ff516636aadd25f4e31f34283f44e8af0411652814f7d3c46db4be2bb24aada5e0bc129481d8919ece7797058d1eb6d18bad539

    • SSDEEP

      24576:fdn3nxL7KYwqydvtm+aGfUZ/bIXG8WJNvnUyK1bDtJqpYwOYq3OyaaD4z0ZqhgN9:t3hwqyF4EUZ0W8ANvDKdxEpYxvaaMzkd

    Score
    1/10
    behavioral5

    • Target

      loaders/javaldr64.dll

    • Size

      10KB

    • MD5

      3b290da57492245ee0b63365fda0ab9e

    • SHA1

      e8ae42083ca5d3b92c167e64b77a97b8d449fc34

    • SHA256

      7fa186536d9db05512f0818e1f51dc4178278a4fc807bec8e94b7c81d658c5c3

    • SHA512

      ee90b932415809a13e7844bfd601751e9a045152dfed6ce4fcb272fed3ac9bd0b42d9712ee0cb7a49db9c3be17739f15874b3d1c89b38ad0c188f5908a016651

    • SSDEEP

      192:6/QheyKFuJrEs6K0SDU780cJSpX++/r8yu6:6/xCY20HrcJSpv/r+6

    Score
    1/10
    behavioral6

    • Target

      loaders/lx.dll

    • Size

      36KB

    • MD5

      ae4b7426ed66539f14399e55b5697aee

    • SHA1

      b7396431d77b504d3679e4bd958f95416c447223

    • SHA256

      f703abcc83c32705026f5f6e431c23f7838d7c16ca2ef62f751ee732beea5965

    • SHA512

      7aa346cfb41bf05a2f59eb5cb4b07c9ebf6545c20a134c386409c77617ef9097ce742e7ff0edad2929f573f0fc619d19ca6fec6c8f1f6b18f09c12aa00fd36ce

    • SSDEEP

      768:nuTXlGQK26qwKX3BZe/kymj8c9sPVgF6d06a4qacdr+jwaO7G:CXDl6j+e/kbjjOPVgFD945jz

    Score
    1/10
    behavioral7

    • Target

      loaders/lx64.dll

    • Size

      36KB

    • MD5

      98340492624c04f30d43e493f0c22132

    • SHA1

      13a8521b92ba386126112778169d6cf39cb2bc1f

    • SHA256

      a8cb11aff16c1b7ef4270fc5fa3efaf390f4a7f3cbbc68d83a5cc90ec7f36f79

    • SHA512

      1fa39e82b6e2bd3155b6444dc363fc0bda8ed6075f5399e2e095d4dc4dd36e2413388dd02fec26ea075202cc4a53e5a4abfbb448a6ec2c37c387b1ce6fce1438

    • SSDEEP

      768:YioDUFKcRqDwdJRmhxglLJlS34FAPdedZASnqZ:HoomDoSxgl9Mothq

    Score
    1/10
    behavioral8

    • Target

      loaders/macho.dll

    • Size

      276KB

    • MD5

      4760433c04d08a139ac63d05e8fa24f1

    • SHA1

      9480be7eaf407abfe5192e6fc82025e98ad2185d

    • SHA256

      c29f1f72236bdbc79998c50e274594af8f517af1d1055dec95fda212ac8ebab2

    • SHA512

      9e8331b1f544c689771954c77d1297925f6cc1d3b04f6d4407c67b1667a77b68e788cffd40e487642c45a33b84cc31ae8ab67092caa7b35698842aebffdc4e59

    • SSDEEP

      6144:uB1+0v9ChFQT2ELBQ1oVzHMMrr72SmYe2m4IChc4JJ:uv+0vMQDLqKVvCrk

    Score
    1/10
    behavioral9

    • Target

      loaders/macho64.dll

    • Size

      280KB

    • MD5

      01343400373a748bf197e839db9f94d4

    • SHA1

      ba621eda010c2b5f357728065e7f6dafeeed001b

    • SHA256

      984cd57bd8d43f9bf26488ee32442b885c28df67e146057f7096c9afcc476f27

    • SHA512

      4d6b56fd74a355ebe4f97a65c345cffa405e5e0d0468d8ea70330812c53238fcd587d5081f2a86b55191108f4f35544472e3ec31f91aef91a43ad31c98aa597d

    • SSDEEP

      6144:pCF6Gs9U/INb96XbbpBERL0S7vhrdiRpeoB4DOmi3QMtubM:psIX6rbsRL3Lh64KKMtl

    Score
    1/10
    behavioral10

    • Target

      loaders/mas.dll

    • Size

      14KB

    • MD5

      f2eae5fc83801f71c5db1a7e5ad5856d

    • SHA1

      db6b6a253c5ab3f3998cc3e789f11f3c4d710a18

    • SHA256

      40181b775bb6cef863619bb51930e7784630d15c38e63669dcea3f4d04fc7d0e

    • SHA512

      9fb1c2ced8fd92a9f06ff8c65cc959f72119365c13dfd6064d58c4c11dba78bd8d65e87e20bfc35945594134dfac2dd96b19fe69dd73f2d2f96559912a9b18e7

    • SSDEEP

      192:UalVID1sYoFWKmggjBIa+8j2AugCcBPl7FTcaHivim+AHD/dt:sD1FoFWKmXtZRGPcOTiSHD/dt

    Score
    1/10
    behavioral11

    • Target

      loaders/mas64.dll

    • Size

      14KB

    • MD5

      16325434299fffd2254565d178c6bf54

    • SHA1

      30ff63a508eb3c665a391f0e4078587bc50b4aa3

    • SHA256

      2db3f1044600af8b1a83284148b58ef7848565e13e1b2ca3a515bc2510c4ee0d

    • SHA512

      ab1e323429654747c360a41756b1f462e64ca3f188b6467acadf6584a1e5d403d0911c8e6f36f846cf0ea1b7980e7921851db94c3613da7cc74a8e3f1864c7a0

    • SSDEEP

      192:UaWRIVPYyMYDYRyA8j2Augy1tGBPl7FTc9v0tZo+AHD/f5:hVAZY8RyXG/1kO50LUHD/R

    Score
    1/10
    behavioral12

    • Target

      loaders/n64rom.dll

    • Size

      14KB

    • MD5

      cf1193356b1d0af1895af32946a5207f

    • SHA1

      b90ff89a43dfd3bf6142effebe24ba31e772ae06

    • SHA256

      a5a6e4acb55bed0315d18f34ec01b9cc381842487fd7707f28eec85a43c9f2b2

    • SHA512

      8bddbb0e92a4c90e31eaaa25535b77d2834f86578828496a5a4d2b3f9d101ce09bc9e2993bc5f6a235a34e8895135de75747406f1f4afaafe41cf72326ada713

    • SSDEEP

      192:URLt8l8OICj5ZsccR6bJOMIoe3nCKQT6C7/HvmiJ2DYhiNTpZG+AHD/BqzG:eKJIUTI6bMJtQV7/TsjZyHD/

    Score
    1/10
    behavioral13

    • Target

      loaders/n64rom64.dll

    • Size

      14KB

    • MD5

      e94f76bf942b61797ec6cf39a0b72382

    • SHA1

      ad9da179635f34c1c5e82463433a6a7df5e7f22b

    • SHA256

      40bd285542453d5d7f9317ca0ea5ef6800772344f8e736b515a605230bcd292c

    • SHA512

      b3763495f568d1eee10489c810faa89aceb54810da546f50f56b1676c20016767b3703ca456ba0f7119df464ca505becdbb92ae579d605bff005d554a2816f28

    • SSDEEP

      192:oH/EeLsiqpZNfK72xKbxo+8suagMLKAZcECOqq3miJ2DYhc/z5+AHD/2czj:CrLsFjNE0Kb1LGASjM0HHD/2w

    Score
    1/10
    behavioral14

    • Target

      loaders/ne.dll

    • Size

      35KB

    • MD5

      1d3f23605957ce4c8af057f7d764a75a

    • SHA1

      6af52a2249cf7ab4bc1fea973e1a7bbe945eea8b

    • SHA256

      29629b0c5d1a212fb9222295fdc7e75dc2d72cc8331713f2dfbf0f4c3020385b

    • SHA512

      b51249684b2828c09ec1dc2327bbc0a4c2f4ab3ac29217fff929ee1a9c4381a710b7ed1e5f65f92b52ccda2ff835f3ba426bca395cb61e962d4bbf6dc1f790b4

    • SSDEEP

      768:oD4yCUM5+mr3x5uBCyTlB2AbVfB4UtzbmWMmfeGG3:GS7ClLRBOsi0O

    Score
    1/10
    behavioral15

    • Target

      loaders/ne64.dll

    • Size

      35KB

    • MD5

      02ed5d6eeb4d30110dbd5e2e2a9719e0

    • SHA1

      54c53be48d859926eed95c73fdf0ca66ba4303f9

    • SHA256

      a94c90701789189cc2d65daf49fc487d32be256dec48a13927dbe855a3d2a974

    • SHA512

      b3b691b9f608d3091deed1f5f276621c65dec9c3d3e8690702e68b6c623011222680f48ff26341b8e6999d2314714cb63e38c56634834edd8673f92c133d0459

    • SSDEEP

      768:LWU+8fwNNCRSFnXUjCI8B/M0CHtfCBLVHqIGU:LWRKwb4S2j7ApwOLSU

    Score
    1/10
    behavioral16

    • Target

      loaders/nlm.dll

    • Size

      25KB

    • MD5

      7d8a8c9d57533f7bb7cba953600c655b

    • SHA1

      48a00b6a60b965dae962cfe4758bcb31757feaed

    • SHA256

      81f37b4840a3e6f400fb52f6e7b2f853dcd48616b6eac27cae5ce6b673f353b9

    • SHA512

      501372ea9c8e8f005354d1101986232395fd5acafa4f56ae4c7b3b0984a30a5c4d303cf74357e06c129f7565db905da1b2e226312193e4c0a29cd970de8c54c1

    • SSDEEP

      384:Ok6ZXgt9Q+lW5iateVRumyf0SAYvM9zGUJ37Hg4HF/WaU:ObXWsSV0F08cLgQWaU

    Score
    1/10
    behavioral17

    • Target

      loaders/nlm64.dll

    • Size

      25KB

    • MD5

      b072f2d9e42e5536e249d3ad27a48720

    • SHA1

      55dd3dd230954cba1ee2801eaf3fb939e88e4822

    • SHA256

      d7dc64d569c29d52c9425e5ad342c4a538b573a49dc1b1a45a82bcf0cdfb6a81

    • SHA512

      dd236f67624efd753ad266f3f00aec2d1ae72f225cf3e9bfb3d0dd177949a314b055fad8f43d4fcb172846567b9e14b95057364abcbd0b857e35e72a22fbd30a

    • SSDEEP

      384:nkioVpfNX3x9zEu11GnT+WqFFrKJeGw9aZ0FAYvM9zGinEEIMESHF/U5:ntINnAuKT+cJ0FXVMEyU5

    Score
    1/10
    behavioral18

    • Target

      loaders/omf.dll

    • Size

      75KB

    • MD5

      95914d4e9f72fe7619637d0dd927bc29

    • SHA1

      7b8e36167519da0283cc565906038f5d777d2900

    • SHA256

      a04008ac8aa605107f4b79bb2797eedb313839981ce204c63c7621ab29e7476e

    • SHA512

      82d221474f64e93a7bd23c56bd8bce70d1df59ef296757d4b60caa1014fb5169db03940e37a002038816b3b925228d082ce8276d46db54bf65e6ded79c704225

    • SSDEEP

      1536:AHkuQQEXiUDu98XQ4W0J97WZAQfGQgp2KjuaGyp2urMavsCmvQ:AHkuQQEXyyo09aZAQzrKDHDvsJQ

    Score
    1/10
    behavioral19

    • Target

      loaders/omf64.dll

    • Size

      76KB

    • MD5

      594dea6011f8a1800961f8262023a096

    • SHA1

      8ecb433f5d53a9af80c78a7a00c641128a5b1bc9

    • SHA256

      f48189c2b7e902ab2fdee1a1d1c1b463453e2c1896f86ad9310482fe4b5a9479

    • SHA512

      59780555da0cfcb0e6ada61f753eb686f8f9873d80d2864735603de4c23c5be709e95454e0fde21e84bc09633284dae5d349d1ca414101dfd2a77d5bd53b8292

    • SSDEEP

      1536:HgmebxLEtnabYiTCsDJ2LwYcgKpi1oWu7HRbaiypIa994zMB1:AmetLga8imsQwYJKpHROrF99PB

    Score
    1/10
    behavioral20

    • Target

      loaders/os9.dll

    • Size

      14KB

    • MD5

      95ba65b0c4203b4482a2109d3398290c

    • SHA1

      b3dedebf5ce020da9d19dab03e2b8509f2baf574

    • SHA256

      6080f83861fb0607c34c9cbf76eaf016c60a5631c7b8ad3ef7cb1e306eb402e5

    • SHA512

      d324e0400bfe84f5c001913ffc8111050412d8ea0411bf8c401eb5e2c7f70737208ec933d4275d54044a27d5034092ac6770969f0ffe7e9902f8ddfb10ffe852

    • SSDEEP

      192:6qd9gM2Iif6sCeG/fZU05ZVIObbKEu0Kt8dGSYH8KLvejrmiwrQ5ai+AHD/F2:6HTvLCeYZj5lytt83YHxifjWWLHD/F2

    Score
    1/10
    behavioral21

    • Target

      loaders/os964.dll

    • Size

      14KB

    • MD5

      ea3812adb86391688fc2ed55fadb68d9

    • SHA1

      0b0bfba461a52cbd4f04d76059bb7070b07fc8c5

    • SHA256

      089f7c040395124ed20749d4ae40bb81e03e6e1b6560198841305268d2015af0

    • SHA512

      61121b86a21e85f9c84c382dbf89174bef385175a20d5c4273ed7933c61bfa67bbbc22682f3ebd2f660e5e9a16cc0a173c03acb3ccea7feec0578b806f0f36e1

    • SSDEEP

      192:Xbd8+zLmdpPv/ulqhy3rrwkKu79AHnYnEIvuxko88QEd+AHD/AB:XJHm3v/uZEuE8axkncHD/A

    Score
    1/10
    behavioral22

    • Target

      loaders/pdfldr.py

    • Size

      9KB

    • MD5

      44a14296ed0fabd49f3655af743a2622

    • SHA1

      8c7860b57c74318d7703dbcfa0cc8baa24f1dbed

    • SHA256

      5fa336fc7a0e1b9524b76da3066a5f0bf992e2e171249d98f89633944195d026

    • SHA512

      13f866a35efa67f645cc23e14c70fe3fe472653bd6de22afd36efc8868802ba41c0a9a9484e4849a76b904e352755d49585001e9f15f30c7dc3761abde861e5e

    • SSDEEP

      192:tdhLjfrCByu+aG5vWrgycLZI/PjMTT7uOgDdYjsdAZufh:tfLPz/k5uaMn7AYWAYZ

    Score
    1/10
    behavioral23

    • Target

      loaders/pe.dll

    • Size

      174KB

    • MD5

      d1360fc0a09b11a7c540ffe18a1a958f

    • SHA1

      b453de14b3f3b092ed1a50a05936a0635eb82062

    • SHA256

      864f94bb3c5ea8ee585e3a129bc40a6dc032ccb02c1510b87f564b43669ca003

    • SHA512

      62f506fbb7d7a56499d49f5ad27bf66f4c98e1a3338554f893f357e9e282da6669bf5554d9bb9630538ce339e3fb5392e131a7ee3c176d2977d369055cd403a6

    • SSDEEP

      3072:nTn/jj6vbBkpjvRuedvt6AAjFK16zJRtrGFTfk6kH/76H6BH6RTzS:76vbBkpjUedv4TI+REBkniTzS

    Score
    1/10
    behavioral24

    • Target

      loaders/pe64.dll

    • Size

      182KB

    • MD5

      1700388d4b53e37a9674a98bad3c0c27

    • SHA1

      1367ca36b58a7ba7265445e5b582915800ea5208

    • SHA256

      e5cb31cc608295754b48948c35fb3c86fd2e276f4e094102a587d3932163cd09

    • SHA512

      5cd1545902bad915e115e3c7240719efbfe0a6a32c589d7e1b2795849644da798a252fb42c0f8d17967f5588a461e66ce635c62ff53dd14b5c2b8ca86cc55bc6

    • SSDEEP

      3072:fMUtSGXjO5DAj+B0WwIi/A4kAQzJ3Ew60Nr6toI8btnUz5cb3/6h7VE63LK:fM0w9AjRPIi/A4izfrltM5cjK7VE63LK

    Score
    1/10
    behavioral25

    • Target

      loaders/pef.dll

    • Size

      23KB

    • MD5

      ce0c57d29df614dd9ce629251e0660a1

    • SHA1

      70231fc40ca54c223826dfc9752d0916092387f4

    • SHA256

      221d5868014b45ed4aaf7ed6b90ad283585a8d3f2845ece8bb29fdbadbd3da2d

    • SHA512

      95f016a8c27d7b03dc8daed8cd1417650defbc24c2ad7bcdaa980dabae5cf0b37b4910af028a8e7c00fbd2e0ad996ee4285bd26362f181b1fdee4d602c5f8e21

    • SSDEEP

      384:/wGAzGTLyN5fxlevyaLsu6eh9SG79yp16ckTM/tXnXYcyHM0R:/f+eKaQuP9SLp9qoYr

    Score
    1/10
    behavioral26

MITRE ATT&CK Enterprise v15

Tasks