Industroyer2: Nozomi Networks Labs Analyzes the IEC 104 Payload
Tags
country: Ukraine
attack-pattern: Data Direct Malware - T1587.001 Malware - T1588.001 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID d6778854-6b67-43f9-b263-0ea52f3e4ec2
Fingerprint 8c351b5885f3168d
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 15, 2022, 10:06 p.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Sept. 4, 2024, 1:25 a.m.
Headline Industroyer2: Nozomi Networks Labs Analyzes the IEC 104 Payload
Title Industroyer2: Nozomi Networks Labs Analyzes the IEC 104 Payload
Detected Hints/Tags/Attributes 34/2/9
Source URLs
Redirection Url
Details Source https://www.nozominetworks.com/blog/industroyer2-nozomi-networks-labs-analyzes-the-iec-104-payload/
URL Provider
Details Provider Source level domain
Details nozominetworks.com www.nozominetworks.com
Attributes
Details Type #Events CTI Value
Details File 5 
101.dll
Details File 9 
104.dll
Details File 5 
61850.dll
Details File 5 
opc.exe
Details File 4 
opcclientdemo.dll
Details File 4 
pservice_ppd.exe
Details File 2 
pservicecontrol.exe
Details sha256 3 
d69665f56ddef7ad4e71971f06432e59f1510a7194386e5f0e8926aea7b88e00
Details sha256 2 
7907dd95c1d36cf3dc842a1bd804f0db511a0f68f4b3d382c23a3c974a383cad