Industroyer2 IEC-104 Analysis
Tags
| country: | Ukraine |
| attack-pattern: | Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | a52f2023-364f-44d6-ab42-13bf05384d22 |
| Fingerprint | b4bc1fd525f21782 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 25, 2022, 10:35 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 10, 2024, 9:35 p.m. |
| Headline | UNKNOWN |
| Title | Industroyer2 IEC-104 Analysis |
| Detected Hints/Tags/Attributes | 37/2/16 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 16 | www.netresec.com |
|
| Details | Domain | 1 | industroyer2-netresec.zip |
|
| Details | File | 1 | industroyer2-netresec.zip |
|
| Details | File | 5 | 108_100.exe |
|
| Details | File | 2 | 40_115.exe |
|
| Details | File | 4 | pservice_ppd.exe |
|
| Details | md5 | 2 | 7c05da2e4612fca213430b6c93e76b06 |
|
| Details | md5 | 1 | 3229e8c4150b5e43f836643ec9428865 |
|
| Details | sha1 | 2 | fdeb96bc3d4ab32ef826e7e53f4fe1c72e580379 |
|
| Details | sha256 | 3 | d69665f56ddef7ad4e71971f06432e59f1510a7194386e5f0e8926aea7b88e00 |
|
| Details | IPv4 | 1 | 10.82.40.105 |
|
| Details | IPv4 | 1 | 192.168.122.2 |
|
| Details | IPv4 | 1 | 192.168.121.2 |
|
| Details | IPv4 | 132 | 10.0.0.0 |
|
| Details | IPv4 | 124 | 192.168.0.0 |
|
| Details | Url | 1 | https://www.netresec.com/files/industroyer2-netresec.zip |