General

  • Target

    2bad6266bb92dfb65118daa800722b4963c277a6afa373276a82629fa3e239bd

  • Size

    1.7MB

  • Sample

    231004-xpx18agc45

  • MD5

    03c816d0255991a47f1521df26194efe

  • SHA1

    eb3d4d8d70bb44e7d5dc07fb15753b7f8d743a72

  • SHA256

    2bad6266bb92dfb65118daa800722b4963c277a6afa373276a82629fa3e239bd

  • SHA512

    ccc4e49e96519a8069c08ba327eb15ffa241e8434275da87c3a833e348721ccd7a25e84034ec6e7816a9d2e4ffef26ac1172d877399f8707ad2a981e1d109632

  • SSDEEP

    49152:P3ePTNGpziNoM9Zk6/99e5vUkYyDh4jkJRi:GPxnNzD1X+UkYUCkJ

Targets

    • Target

      2bad6266bb92dfb65118daa800722b4963c277a6afa373276a82629fa3e239bd

    • Detect Mystic stealer payload

    • Modifies Windows Defender Real-time Protection settings

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
