General

  • Target

    3e90705aba37a41167ba16227f849865f2fa8f75002f955c681ec40543da7bf1

  • Size

    15KB

  • MD5

    e66abf889364f9f792c149d69522338a

  • SHA1

    41b147bd433d1305eb0845222be69789732c66d7

  • SHA256

    3e90705aba37a41167ba16227f849865f2fa8f75002f955c681ec40543da7bf1

  • SHA512

    d8eb6ade4109e15b26de4b92abb0f92fd25b57bfa52f8287d703a5950d1196ab1469836fe3058fae49cd7bcf74b1314803fc6a6ee91c605298c1a33603e97865

  • SSDEEP

    384:QMcqcZa2gWd9rCH6vICwkCBHNt8J5awnsIcdmVp/:5KZPfdC/CY0PcdmT/

Score
10/10

Signatures

  • Industroyer IEC-104 Module 1 IoCs

    Contains strings related to the Industroyer module used to communicate with power transmission grids over the IEC-104 protocol.

  • Industroyer family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3e90705aba37a41167ba16227f849865f2fa8f75002f955c681ec40543da7bf1
    .zip

    Password: infected

  • ea16cb89129ab062843c84f6c6661750f18592b051549b265aaf834e100cd6fc.exe
    .exe windows:5 windows x86 arch:x86

    2cf6ff919d8af9170b36d01b351744f3

