General

  • Target

    621bab0b8867573e47467ed1e84b873b1d3a97a9658d9c8744e301f12a87e1d2

  • Size

    1.7MB

  • Sample

    231005-z5aa7shd53

  • MD5

    6357f8c537d9b16a05b0b79d78d795b9

  • SHA1

    dd07eca325aed9ea786c0da3738d468253596bc0

  • SHA256

    621bab0b8867573e47467ed1e84b873b1d3a97a9658d9c8744e301f12a87e1d2

  • SHA512

    b32c54f88d1098ba65017576a31d24547ce255cfa39b39cfb29eec8f55feeec908801f9ab17631416ca6612396fd5669a2645b46f6522b456c17ed406285a9be

  • SSDEEP

    24576:h1xY5A0vimILMPcVJT6gH/A2Z46a9Dhvh6TDiZZf:hf0vimILMP4V6SAO46a3vmDiff

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      621bab0b8867573e47467ed1e84b873b1d3a97a9658d9c8744e301f12a87e1d2

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
