TRISIS / TRITON / HatMan Malware Repository
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.

TRISIS / TRITON / HatMan Malware Repository Description
This repository contains original samples and decompiled sources of malware that attacks Triconex Safety Instrumented System (SIS) controllers, which are commonly used in Industrial Control Systems (ICS). Each organization that described this malware in its reports used a different name (TRISIS/TRITON/HatMan). For more information scroll to 'Learn More'.

Folder original_samples contains the original files used by the malware that could be found in the wild:
- trilog.7z MD5: 0b4e76e84fa4d6a9716d89107626da9b
- trilog.exe MD5: 6c39c3f4a08d3d78f2eb973a94bd7718
- library.7z MD5: 76f84d3aee53b2856575c9f55a9487e7
- library.zip MD5: 0face841f7b2953e7c29c064d6886523
- imain.7z MD5: d173e8016e73f0f2c17b5217a31153be
- imain.bin MD5: 437f135ba179959a580412e564d3107f
- inject.7z MD5: 80fdda5ea7eec98bfdd07fec8f644c2d
- inject.bin MD5: 0544d425c7555dc4e9d76b571f31f500
- all.7z MD5: c382f242f62a3c5f4aab2093f6e0fb2f

All archives are secured with password: infected

Folder decompiled_code contains decompiled Python files, originating from the trilog.exe file and the library.zip archive described above:
- Origin: trilog.exe; Result: script_test.py; Method: N/A
TRISIS / TRITON / HatMan Malware Repository FAQ
TRISIS / TRITON / HatMan Malware Repository is a repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers. It is an OT Security solution designed to help security teams with Binary Analysis.