TRISIS / TRITON / HatMan Malware Repository Logo

TRISIS / TRITON / HatMan Malware Repository

0
Free
Updated 11 March 2025
Malware Analysis
Malware
Ics
Industrial Control Systems
Binary Analysis
File Analysis
Visit Website

This repository contains original samples and decompiled sources of malware attacking commonly used in Industrial Control Systems (ICS) Triconex Safety Instrumented System (SIS) controllers. Each organization describing this malware in reports used a different name (TRISIS/TRITON/HatMan). For more information scroll to 'Learn More'. Folder original_samples contains original files used by the malware that could be found in the wild: - trilog.7z MD5: 0b4e76e84fa4d6a9716d89107626da9b - trilog.exe MD5: 6c39c3f4a08d3d78f2eb973a94bd7718 - library.7z MD5: 76f84d3aee53b2856575c9f55a9487e7 - library.zip MD5: 0face841f7b2953e7c29c064d6886523 - imain.7z MD5: d173e8016e73f0f2c17b5217a31153be - imain.bin MD5: 437f135ba179959a580412e564d3107f - inject.7z MD5: 80fdda5ea7eec98bfdd07fec8f644c2d - inject.bin MD5: 0544d425c7555dc4e9d76b571f31f500 - all.7z MD5: c382f242f62a3c5f4aab2093f6e0fb2f All archives are secured with password: infected Folder decompiled_code contains decompiled python files, originating from trilog.exe file and library.zip archive described above: - Origin: trilog.exe - Result: script_test.py - Method: N/A

FEATURES

EXPLORE BY TAGS

Malware

Ics

Industrial Control Systems

Binary Analysis

File Analysis

SIMILAR TOOLS

findom-xss Logo
findom-xss

A fast and simple DOM based XSS vulnerability scanner

Free
Malware Analysis
Yabin Logo
Yabin

Yabin creates Yara signatures from malware to find similar samples.

Free
Malware Analysis
Yara-Repo Logo
Yara-Repo

Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

Free
Malware Analysis
RABCDAsm Logo
RABCDAsm

RABCDAsm is a collection of utilities for ActionScript 3 assembly/disassembly and SWF file manipulation.

Free
Malware Analysis
Andromeda Logo
Andromeda

Andromeda makes reverse engineering of Android applications faster and easier.

Free
Malware Analysis
chkrootkit Logo
chkrootkit

A tool to locally check for signs of a rootkit with various checks and tests.

Free
Malware Analysis
Apktool Logo
Apktool

A tool for reverse engineering Android apk files.

Free
Malware Analysis
OllyDbg v1.10 Logo
OllyDbg v1.10

A 32-bit assembler level analyzing debugger for Microsoft Windows.

Free
Malware Analysis
java2yara Logo
java2yara

A minimal library to generate YARA rules from JAVA with maven support.

Free
Malware Analysis

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy