industroyer | cadf8d72b7fe67335a968a0756f4d1da6b0d4390f357a8c077fe5d02678f8558 | Triage

Resubmissions

10-01-2025 01:07

250110-bgrzcawphv 10

09-01-2025 22:10

250109-13nw9aspdw 10

Sharing

General

Target

IDA-Pro-7.7-main.zip
Size

500.8MB
Sample

250109-13nw9aspdw
MD5

b8ccd1d6dc29c659da075c8cea86c504
SHA1

140255b136fbd6ab138efdf3784da697f253c191
SHA256

cadf8d72b7fe67335a968a0756f4d1da6b0d4390f357a8c077fe5d02678f8558
SHA512

05ccf04723275130409fd2619e712bc0cedef1a8a093db82cf3691681e7abfbf8904b78396d2ccf89a05cf687c95b02d7b273e70c1c63946ee701b92ae957336
SSDEEP

12582912:AzhUi8v/DNLvOcvfN3iu/aiHQWgCc5KoTn/lLuo5okqX7n3cJWWm1tXI:Ayi8zNLvvi2wWgCcIojtaZP7n3E1mw

Score

10^/10

industroyer discovery evasion link pdf upx

Malware Config

Targets

- Target
  
  IDA-Pro-7.7-main/IDA_InitTool.exe
- Size
  
  12KB
- MD5
  
  6a33471545c5e31419e1e6626a7794f1
- SHA1
  
  b746499486a929fcc7015af01e5f66864da5a98e
- SHA256
  
  2ad67d19e50ebdbfa0ceb57f2f45fda34a3cc938bbfa06851f7a5ff6fdce3f1f
- SHA512
  
  0fdc79240acb703739bf770b079cb29b9a835cfc31e252742423be97239d5d04a1ffb25295726438b350312f20c38c7f93f6e9363c4cc921a869f7e2690d6d17
- SSDEEP
  
  192:uXelyQg6j7eS/sNp3dD+yVa3v+yKo4eHe2j4kpC89FY0sEdCqAsoD:seXg6ZOp3V+yVGv+b++axplFY0s9qZ
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  idaclang77/win/idaclang.exe
- Size
  
  614KB
- MD5
  
  ac45c43cec20637c5cb44d017387e899
- SHA1
  
  38a6505426fa724db9b1057cbbc4649e57c9f517
- SHA256
  
  1045451af60be2a03d9f445c93e10eeab0d28500c5ed97a55f4024036c7a6322
- SHA512
  
  9867af6195b304bc7d1df2378a9a5ca77a05b7c7d7d1db4cf4d9874cfc21ddf55f54f793498a2c18c54da5ee28ccf56098d42b7048f908e457f71d0bfd622a1c
- SSDEEP
  
  12288:kga2zgaO+Tr6u1GySpaYttZEt1TPGrhDRCNs:BvkaVTr6xy29Wt1TPGrGNs
Score

1^/10
behavioral3 behavioral4
- Target
  
  idasdk77/dbg/bochs/sdk/bxtest.dll
- Size
  
  4KB
- MD5
  
  256e70b2d93e4b85012a6c542a77e7be
- SHA1
  
  68e001a83bde62d115d6c52c12fcf3987ba7ff9d
- SHA256
  
  0c959015c28361c05c36ed107cdd7a50fd55c0fd43538372a529c0f55794bdb9
- SHA512
  
  eec69f39b5f54033b373f4a406685808c816872f3c90fa7606f84bce76b6a5f0ca2124adfeff71410adcfee716e9da4fe3c338e4942f9183ba6db36fca844017
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  idasdk77/dbg/bochs/sdk/test.pe
- Size
  
  1KB
- MD5
  
  643508444fb19e70161d3ce6cafe685d
- SHA1
  
  3ae9d6df9071f20d0bc198bb90dd9a4f431e8c57
- SHA256
  
  339f1e6eb9759aa38d16babf392f82cd2a8641a5bac19788af23351dfaf3ab8b
- SHA512
  
  1d3d94bf66b74778808c28470e6a9d77a42108399455718e0c7e86d014cad5fe1326e9937d14b8e7ffe3bd75b4b155bb2aa5274d866f9c2ed8a164b9f546fc31
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  IDA-Pro-7.7-main/clp64.dll
- Size
  
  1.0MB
- MD5
  
  9551263c9dd81e8a42487718dbe1a17a
- SHA1
  
  9b048160efc67e8b2ef713933212edaedcb158a5
- SHA256
  
  5870149d7b091376e6a89d691a9ef4b7b889e3c3bf2516f8c7b73f6cf762fbc0
- SHA512
  
  bae732d98371157f764316e66f333d4362b0161b4a38650cc9eb23e3d01655b892b5fc86d99b45afc649257694a2cae6be563ac40193f4b546c7f36a0d31be36
- SSDEEP
  
  24576:w7Vt9qfawrN27U1izzZaRbfp81L/Wm/nd6Wrr+U/FQT:sBqfSU14Zadq1L/cWrrTFQ
Score

1^/10
behavioral10 behavioral9
- Target
  
  IDA-Pro-7.7-main/dbgsrv/win32_remote.exe
- Size
  
  713KB
- MD5
  
  ed16388d2796c93b705d6f4c98f16259
- SHA1
  
  b546c201eb04d4ffdd9dd02d0925d7667b286541
- SHA256
  
  4d0782fac17baa4b91c8ec36b2d28398656f9fbd858135be2d418323c1c6648f
- SHA512
  
  ec9060adcfe0a3a9db19692f5f88402838cc6f5a286b34124c38cc9cf6ee45bc57dacedb9f432f5a705040d3af442fe27b02ac23da73452bec8c39cb93022274
- SSDEEP
  
  12288:riygK09BFg1M7J8JjBGYaRCCm0qPZwtY6CpJg4Kg+3PuK3JhJ6LaT/D270gFU:rafOCmzwtY1EfuK3f8LaTb8P
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  IDA-Pro-7.7-main/dbgsrv/win64_remote64.exe
- Size
  
  804KB
- MD5
  
  9613938952c5e2991063309982f2ae58
- SHA1
  
  aae4c44ec35960f3729142e0b64edac445d29227
- SHA256
  
  bf229ad6affcd486910c5654e777dc586f7e806d14b1d6613e03dde26359f2cf
- SHA512
  
  9bc1a6b96d577bf7d5b9157ebf64f281326440a2d9dd678205e446b6af81db9bcfb96f6c86e30c37bef683544743953d8ee46f89a3fbaf9f18cc94579c2ad8a5
- SSDEEP
  
  24576:RDe8PcYcOoDekAMNHFZ5AXxu8PcXroThr0:JvXvMHFZmXoa+oT
Score

1^/10
behavioral13 behavioral14
- Target
  
  IDA-Pro-7.7-main/ida.exe
- Size
  
  4.0MB
- MD5
  
  9d6d3e344709427ab731813f88a739e1
- SHA1
  
  407f520ea5dbf4480fa331b72183b40c3ae76766
- SHA256
  
  016b7a713b52b20123ac3100ab0347daa2e6def4249dc6c5490f1ec2954ed4cc
- SHA512
  
  fb3d10e6745023d3a858e9dafb7701bf9c5cedacbfc5243a5ae885e7b5a2d3855a18c2565c7c35237e30f6479ca842ff3e9b68e964e03b7ea643100312548e43
- SSDEEP
  
  49152:p9EJ6ZQOajI9/7MlHrbh/MG7y72fl1cDQK0czmoPgqXfUnpzjfwRwaw5ArwuJyNa:RZt8HyG7g2fly9ljwCqDolZEKu1mD
Score

5^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  IDA-Pro-7.7-main/ida64.dll
- Size
  
  4.2MB
- MD5
  
  36e4a1a33c5b557ebfe9750990f866dd
- SHA1
  
  b68596cf0978c7cd349eb10251d2763c6f60e558
- SHA256
  
  d35e714949504f1da5e894cdedfffeff93f3b02ab8063a815d9f96b9ca064c1f
- SHA512
  
  88b4a3d34db82a81c7f2fffa88167dcd70bb8933e553dd87670bb75e46f20731e89639b698f492d9213dc5c550b5115baf4e478da7f529ca9499d78addaee800
- SSDEEP
  
  49152:L26gm5RpmkLsUbjeK0Ah0cqJgIeXkfWLZWR2070bdVcPvc+yyxiDNZjaTbylizSq:M/U+MJYgos+P+NZjlK7
Score

1^/10
behavioral17 behavioral18
- Target
  
  IDA-Pro-7.7-main/ida64.exe
- Size
  
  4.0MB
- MD5
  
  24ba0b4e0a3445a6c2fb866d94669f05
- SHA1
  
  3b6bf89f5ec4b19266260fd488ae720a90f1865d
- SHA256
  
  70840575ebddb25412f6de60329d5d395b325b709df9202411b723d0744c9624
- SHA512
  
  dcbd7babaa0de562a0a6682c3c0b053c419ddc2e78d6a0213c081a5ca50a256a720d0c6cbf3b2de669a5410918dfeb2d7d4fc29b23ae3285103c8e3c2be8b2b0
- SSDEEP
  
  49152:GQptxtn8v9flRURQXyczsoBR9RAzkdk9ltnv2UtxOpYjObpJWYcmD75zoELxnXAm:GitxMR4QuoBPRAzz9lRvMVtdwdZro6m
Score

1^/10
behavioral19 behavioral20
- Target
  
  IDA-Pro-7.7-main/idapyswitch.exe
- Size
  
  71KB
- MD5
  
  896e63c20ca85737e90d32dda6004206
- SHA1
  
  e3f117772b4d24ffc6413be08ff7ddb74ad8cc89
- SHA256
  
  fda1967948657e7184f47a39bc3dc18c16ca3a0f7c087807723a4e9f55adbd98
- SHA512
  
  7eb90072f209bf5c27458d79f09c6f111ef564db5fb9ba4f4e3399a70b1978ea5b86009b2ddeae7295507b906fc7f1f5128c493d86f5dd826b1f51802273fd6f
- SSDEEP
  
  1536:amZJ7bsXCWaosxaOsqzQjjljGwsZ+J4OAWkrgOxAlb:eCL2FGD+Jherg4Alb
Score

1^/10
behavioral21 behavioral22
- Target
  
  IDA-Pro-7.7-main/idat64.exe
- Size
  
  1.5MB
- MD5
  
  a281903a73582e5e404604936056fee9
- SHA1
  
  8481210f0455e93410592c9a962e1256f7e57b23
- SHA256
  
  be98f11869996aedd0a3e0ff86dca967dc0f8338215e301cb65c8fa02da41b57
- SHA512
  
  92d33d73d530a62fd0a3fed0b737a2b3f10b3d8159fc309d5175abfab856141e9e08847b06dd9311507c367388e737c4a3c126e789f95393bf5cb76a0a5af09c
- SSDEEP
  
  24576:j3d+13WxS/FfNEnAah1DE7JsyaXNqMUJozDpbQI5uRYOIVYZDzVyAU4tgVE56Kmg:j3s3tNEnbPw7JU9qMZZcouRYOol4tgWB
Score

5^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  IDA-Pro-7.7-main/symsrv.dll
- Size
  
  336KB
- MD5
  
  1473a9ccb67526d4010f1b0f9e6b2977
- SHA1
  
  7fe8c168e976200cf1562b8e8991245226b16b9a
- SHA256
  
  f118fd9d6ba4c36db3556d1035efe90e99c00bf879a22abebe1dadfdbb3074d7
- SHA512
  
  3f459a8c9536b615bbd3b8bfec9970f432cc72bd3287937f9f915fcbe9b2a13fcb4c45946a1722018f89db505b418957bd513bd32a64580484d4ac7d3896a551
- SSDEEP
  
  6144:yT/zGgy2HzkCwmkfCl00EiwtHgadXIezwnzx7I91DR9J2:y3GL2HzkCwmkfClHbghpINzZmBRa
Score

1^/10
behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfevasionupxlinkindustroyer

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25