industroyer | a99de695bdc022b6ec1f08b810f50bacf9d1795b0fb30046123a19c47c4cf086 | Triage

Sharing

General

Target

IDA Pro 8.3.230608 (x86, x86_64).rar
Size

437.4MB
Sample

241019-v7jkfaycrg
MD5

bf39dd3b7584184438813c1004ba656e
SHA1

a8f11974c687e805e3b9c31a6db4cf10eb564af3
SHA256

a99de695bdc022b6ec1f08b810f50bacf9d1795b0fb30046123a19c47c4cf086
SHA512

c8534abc7a7d9167e1d6845bfac5ce7b242c9183363cc1fe18ae761d8084136c6a8729ce90189f4c6044330d2ba3791480fd721ae294a8cf0b1166f76b387958
SSDEEP

12582912:ULZ8+mI8g+Nj3q2wj/WFKk9aMGb9FNHWOAvLK4VLk:rg+NjaLj/030XWOsLlk

Score

10^/10

industroyer antivm discovery evasion linux pdf upx

Malware Config

Targets

- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/IDA SDK/hexvault83_linux.run
- Size
  
  9.7MB
- MD5
  
  78dc0a07e975ed68b0ca1eba8e331f53
- SHA1
  
  43d3286884101cb632ca57cb12e78f0288b0df9e
- SHA256
  
  78571d2cf06791a505e268261d51b717421ed630431e68bccd07bc3d1b7bdf80
- SHA512
  
  db7f216c9296c2165c23142cc118ef4224bd7d629161c8ff057f02e022ca9cb9d80a01643834df77f2780f2dac2bd766bf0a74fe5c06fa0138953d38178415be
- SSDEEP
  
  196608:3wQSaToQdnPeAch9BKdd14/7dtfnhJeA0tIXaVCxDzDIcfNFdF:3w4vdnPeph90dCzHnhJe/VoFFdF
Score

4^/10

antivm discovery
behavioral1
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/Qt5Core.dll
- Size
  
  5.9MB
- MD5
  
  fd80d43e803c146d0718b811e96ef21b
- SHA1
  
  2d53fc58d9e752b9577fe1e78ac117d9d0703469
- SHA256
  
  695307903ccc11dd4972015bebb160b7f0ba414a95e8323e5788476e69e3f83c
- SHA512
  
  01c8a7c1b5fe6d752e237837e448cde3d52888d3d3bc2185bbbdd11557b512f1175ff7c2d3260cea7c7600f6ff263c730d7149fea25f334817541782eb3c1c13
- SSDEEP
  
  98304:N9ZLIyXfCpnSvbVJsv6tWKFdu9CyiYykkmDeFP:HZLIyXfCdSBJsv6tWKFdu9CygkkmDeF
Score

1^/10
behavioral2 behavioral3
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/Qt5Gui.dll
- Size
  
  6.6MB
- MD5
  
  367ada59863dde5902ac813c765c718b
- SHA1
  
  1c30b98f93d5fcb49a15ae22ac9ab1792a0cbfa4
- SHA256
  
  2b8df2fa3a3f75be898ad826e3698a562cd3cce71096ce0b0abf362be6ba57e2
- SHA512
  
  7d57df5c3a9d7de2969074a4ef59cbca6d51fa84de1bc76d5fa4e633b6aeef9f00351ea1774b67ac3565ae6c48e18f0e561487c60027326defb166f3229db057
- SSDEEP
  
  49152:rhHNtGJYgksRjK/pwv90H8M7tlANRpmRWRBZS00xhHoeo1YD8chdR+u9Ui13rb/Q:rhHj6Ii08S0UXo5uz5rHow09vwt/re
Score

1^/10
behavioral4 behavioral5
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/Qt5PrintSupport.dll
- Size
  
  309KB
- MD5
  
  4cd655f4d826e8437b0415aa6c8d6550
- SHA1
  
  7611161c774c7c72b189b420772d2c65e2634e4a
- SHA256
  
  7b105ebf20c0b52259c00ff645f95f584bbe60b91c90de583785ac88b448e26d
- SHA512
  
  82745e4139f72f6843d0f4b588c2744b60a405e398f158319ee336758c09abfbced2f0ecc4e0a6d3e535384a9cbe69f89935b11a9b5857cc8f7deec00f044c6d
- SSDEEP
  
  6144:KZipZFdD77gzRt9ZKG4Mexb86Bk5U3F12oTwpd+/zueDhqvuRj3kVD9N:KZUZFV77gGG4Mexb86Bk5U3F12oTwpdP
Score

1^/10
behavioral6 behavioral7
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/Qt5Svg.dll
- Size
  
  324KB
- MD5
  
  f3cd456d5fb9685304dbb53cc7b9ebaa
- SHA1
  
  8eadfaf8b8e8df16fba9e1dcc36d0ab3eb6c9f42
- SHA256
  
  62089b5a811c7c0cc408335dbafa0c7060cc9324c01595e011abd6ac2e868442
- SHA512
  
  03c3c24a95042b5e4337f2e093d219ebe3a3a05b8a78a8029550f1470c51b4433a60ca7d1000e238a3bfed51b6e6b112788a0663ea6618b4d052214749b4035c
- SSDEEP
  
  6144:op1MnX/dVJ1KTABbOntSiYAj5oNhc3yADAwej2jK+1eA3BOb6nV5xfXJGa9YHPZf:oLMnm46tSiB9chc3yADAwej2jK+1eA3J
Score

1^/10
behavioral8 behavioral9
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/Qt5Widgets.dll
- Size
  
  5.3MB
- MD5
  
  8b786869feb36930f8d6fd7be98ced2c
- SHA1
  
  f6fc979919df931af8fbeae54eff502663b2793c
- SHA256
  
  af337b316a39107944bdeb117798fd8ce02c3307fb415a371b6bc431d470a3e5
- SHA512
  
  9eaa2390abcceb7d69958be99c75dfd60edc464ea8018d3657a39846f40ecd6c6e48bfd750c48264047cff82b6aec398f63df5f70f0c95484a052913e845384a
- SSDEEP
  
  49152:mlWQ5dvcwh3HrfiU3AHv39NjSbo86gk3cP0la297oPmK92fWP2J4unK5HxZGgfs6:YpvG/rTldoOK92fWP2J4df
Score

1^/10
behavioral10 behavioral11
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/analysis/dump_func_info.py
- Size
  
  3KB
- MD5
  
  345c8c749bcc72d4729a1cf4eea46097
- SHA1
  
  680f6d9ce6c07b4cbbca1c10d7a2d98f33f94bcd
- SHA256
  
  de81496db03fc971593c2eb822562b94c44a3388d4902aef6bb4312b83577d7c
- SHA512
  
  46a0c8b99fca2c17071e2f0fb392dc4e005c963a42a341f533971798b1cc2b095f14bfb4f9d8313ae52bd147a2fd803ef3a0e139b962c7b3a6f02eae87c3c355
Score

3^/10

discovery
behavioral12 behavioral13
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/actions.py
- Size
  
  7KB
- MD5
  
  711cf4e4d87f8d8c71fc388955832647
- SHA1
  
  b461cc50c8a894c62ef7f2c69e2c60a674752a86
- SHA256
  
  660a42125f8176dcf98b1dd54b204596725a37b6e1e2b9e697deb4f6564118fa
- SHA512
  
  649138c9cc6a98c9cd74e36716a60021e3eaeef3bd908d39c2953828157f317e30863f3b4e6c6fb5e5128a0115c0451406e6bf7037a166afd5d99769cbeb6b1d
- SSDEEP
  
  192:+xKPu29op1dWzZZAOp0L1AX9Dz2sUUhb/B7:+822wW9Zum7UGF
Score

3^/10

discovery
behavioral14 behavioral15
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/add_hotkey.py
- Size
  
  996B
- MD5
  
  c60df134ff1fd735abb09677fc751798
- SHA1
  
  722cebe716d12d2f13dfb4812482e48ca57b436e
- SHA256
  
  8165883ce79e4b2342f8a6644dbededcc04ec279064339b77f54aba16f9cc967
- SHA512
  
  e7ee556235a2430d8bf14b1eb47154016e69cf8fd902d9c43e7acd4158bea901f7f4f1f8d6d4b1a8789d2a7ad2c5e199aaf3b03e0197231543dceda052f4dff0
Score

3^/10

discovery
behavioral16 behavioral17
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/add_idc_hotkey.py
- Size
  
  736B
- MD5
  
  fe18ab802408f887c1def5cdaba38214
- SHA1
  
  45a867f8ca4b8f65e49386a3dfcfeee2453795c7
- SHA256
  
  97a504ca41979345ef9dcff03b1a81ad8100a34c3f0e60563cce095501f223e1
- SHA512
  
  5c9daf13dd192426f7cdca46c593b826880819b485e7742a13e80fa4dad83ae9263cb78258d1493ef30cb1e4b56dc2c00f3e71e59ad353b40193384d9fa953a7
Score

3^/10

discovery
behavioral18 behavioral19
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/auto_instantiate_widget_plugin.py
- Size
  
  3KB
- MD5
  
  8e056fc1811318e85f42a15e6774782b
- SHA1
  
  ac5af6a01dd6a2b4cfc185959353b5d5a8fe1f5f
- SHA256
  
  d750e68403e112569748387e617288eae176326a8840461e46f4c72a88baa96c
- SHA512
  
  3031a19d68470df0d241620f06ee404624a34cb64a25cabcbed0a0e7db9e5559d8fb1ab47172773af2c08ea6519c8743f4b93aff7d2ac9b599ba442cea577e8c
Score

3^/10

discovery
behavioral20 behavioral21
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/bin_search.py
- Size
  
  3KB
- MD5
  
  074502baa18fc18189fba625625e5bfc
- SHA1
  
  b9de00a200ecc454f8a70a3345be64745ccb88da
- SHA256
  
  79e6048d847b90ed3b01341b0b0b94935d5fc4669279b943173bffa0a28588b5
- SHA512
  
  f2261016a471365d964fca16074269f5d26c7d621ac22ac31c2c6efd501ee811e0185514a6cd704a619efa5fb105397b6c83b3f7301cd91a9e67fef790358bce
Score

3^/10

discovery
behavioral22 behavioral23
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/colorize_disassembly.py
- Size
  
  790B
- MD5
  
  4c5969004b2b3925f399658e18a5cb60
- SHA1
  
  ad12115559d3027c49a106ddf34d8f225d4f0fa8
- SHA256
  
  44e35e14bb488b7eff17052ba499fe44733f2a28c3d906c8f3f5ff3a8bffc5f9
- SHA512
  
  dd9fb579928f71f224a1b177b2a524ee46e9c1c480797355f96a14dd2c09791ebb6c1a3a8ccd0b34822d97a2ff1506e1b4c3a397cbee58015621de679fc104b1
Score

3^/10

discovery
behavioral24 behavioral25
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/colorize_disassembly_on_the_fly.py
- Size
  
  4KB
- MD5
  
  55cb47e462545e94e8dfbc8fdae966e8
- SHA1
  
  9eccbb1f3e4034e7018a2c853f5cdfba4eb0e5c1
- SHA256
  
  8c132712f939b62a6968d1d090bffead60a0af40f20577332481388c82a90610
- SHA512
  
  210dadf41ae6056ef550fb5050f28b59c53400680dd8eb1ec31e094dc6f6bda14d44ff706bb4e3909d08e89a832dd7e5f8661613a73b9c46d6bb238db7b2485c
- SSDEEP
  
  96:tpn+1o/bgS0xbcWK1fMF7q2isrmRBgivo25YKZVcT3XB+qWoE4Ql8F:/noo/cnwWV9NO5uTE4S8F
Score

3^/10

discovery
behavioral26 behavioral27
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/create_structure_programmatically.py
- Size
  
  2KB
- MD5
  
  220c3e3f524f473ed552a2ff620daf50
- SHA1
  
  03da6531f2f9f55b46b9429332cb003e72dd2061
- SHA256
  
  c3c07557f2c64a9728c50bd0035b2131d35b0fa7323d254d0fb131aca25a603d
- SHA512
  
  7ed7df26cc50a38fb4baf4723be9d02fe782f1e2c84271c6b6224a79a213833819e2440869e36466678d51bd3aa56a42d778c6e511754710d92dc66f9d386498
Score

3^/10

discovery
behavioral28 behavioral29
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/custom_cli.py
- Size
  
  2KB
- MD5
  
  9ad756e578ff5e3e628bd670407381e6
- SHA1
  
  d65fbd82c10b9ccabf90580435b89e3515efd8f5
- SHA256
  
  2f61e1f43d9bb89b225ddeadb205ef84a3a8fa4ae314527b5c6d350fddd51296
- SHA512
  
  41da7a8a934860ee93ee5a763ed81830de0a688fb2e07b96650ac898befe49e51e784a0ba8d07f60d9ad754e2d2d5f366c068524f9f6dc4caeb740f6ed9d0f3f
Score

3^/10

discovery
behavioral30 behavioral31
- Target
  
  IDA Pro 8.3.230608 (x86, x86_64)/python/examples/core/custom_data_types_and_formats.py
- Size
  
  8KB
- MD5
  
  b2ecc15fcdffbd40f824774344f43350
- SHA1
  
  2220027851608b9989b1d91720f481a0da9c416c
- SHA256
  
  8ca929999d06f7384155a3395a2d41a4708dc68277ad2add34fdee8bc63735d5
- SHA512
  
  eb831b0a82c045513c467a83a637b065a826bd2a3d5f571f3eab85eb2038f7a029be5e8efde42cff87d6b8314809bff9c54c350ad807ab44a333df9ef16ae602
- SSDEEP
  
  192:eFglz5CsDtCBq+5JOxp2B/OmJGzzXcd95/Sfot2ST9Jgk/7SXIvDXIXXIfh:MMCBqkgD2B2lzG95KfqJlzwIzInI5
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfevasionupxindustroyer

behavioral1

antivmdiscovery

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32