General

  • Target

    133c70b1675b1cb34aea3e0eff67e7e6465d29e89efc08f4140546a4c8f300fd

  • Size

    1.6MB

  • Sample

    231006-h2w75ahf6w

  • MD5

    f3e0afaae592d714b63e319e8946c7b6

  • SHA1

    93be6c1ef24f4eb54bdb152e9bd7ba930a3ec300

  • SHA256

    133c70b1675b1cb34aea3e0eff67e7e6465d29e89efc08f4140546a4c8f300fd

  • SHA512

    b7d26fde8fe14ed0260146c042bac6da7cbc07c014d9a862b60c374aa7613de5714e830c19cf3a5e51cc05dfa68c5e0e3058f1640997053c1aa26556924d0b56

  • SSDEEP

    24576:UyQNYto3sRhOOWx4VfUKKteCAj5UQXz4Yc8Wy0g3XmNejYpdMN/gG:jkYto8R6qVgFn6z4EWyhmkIdwo

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
