General

  • Target

    bbce009f7a7464be2100737b272bd6c2297a352957970f1bb28ba7c1c16e7851

  • Size

    1.7MB

  • Sample

    231005-pjt4daba5y

  • MD5

    9377b44e28343e05a83ecda016271780

  • SHA1

    9667aa93126b95d00d2953988b1eb7efa2d7b7b0

  • SHA256

    bbce009f7a7464be2100737b272bd6c2297a352957970f1bb28ba7c1c16e7851

  • SHA512

    2a667f2ecdc71cacdce0814e2af406ed1613b150d7e2d795132d240105d9beeabe659b2f1f0bddad56d25c9b152bfc0a2a57a11c0b1dd1f09cfd74cd3f735094

  • SSDEEP

    49152:09suHdb8t3oMg4g2XSHSwe27WC2p0ukEO0B+v98+8:YdbW3G41SywyC26CvB+v9W

Targets

    • Detect Mystic stealer payload

    • Modifies Windows Defender Real-time Protection settings

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
