General

  • Target

    73d857b7a3241283aa780b8a9102efa445d3ef4dd0ee8853b50e8fdef064f68f

  • Size

    1.7MB

  • Sample

    231005-vxpcyafb36

  • MD5

    df3d5e46ad3c68cb436c3f7030f96eb1

  • SHA1

    440805c93cd7e8c65853b226a84f96f4a00facc7

  • SHA256

    73d857b7a3241283aa780b8a9102efa445d3ef4dd0ee8853b50e8fdef064f68f

  • SHA512

    80bae33efe1c2dc368f5d10346f80e9416f972bb19f968bf0973340ce5a4c9ad97f4a27c0246a4179a6d43d27ec903a0f20c051c696fa222283a3b569a8cd1f5

  • SSDEEP

    24576:wAxY5A0vimILMPcVJT6gH/A2Z46a9Dhvh9H5yf:wG0vimILMP4V6SAO46a3vof

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
