Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ad565a40153052b16609d6580cfd3e3f.exe

  • Size

    1.7MB

  • Sample

    231006-jrjpqabh93

  • MD5

    ad565a40153052b16609d6580cfd3e3f

  • SHA1

    fffd13fdddc9c98b8a7b45f2f520ac2dd001f06a

  • SHA256

    ea4a647bb752042cdeabf742af9808349e1ac898edb4d392685854399de3b58a

  • SHA512

    fd6af7fab6342311b21202079f454a3bbe75e2250b8016b3c15dcdc62112b09b059cbf2596c20598e1345d7e9137bb43fce341013339b0ec69e53d4d1bdab99b

  • SSDEEP

    24576:cjxY5A0vimILM/NVJ7qgHHY2Qm6a9DhvhJPSdK/q1f:cp0vimILM/bdqKYHm6a3vXOaq1f

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      ad565a40153052b16609d6580cfd3e3f.exe

    • Size

      1.7MB

    • MD5

      ad565a40153052b16609d6580cfd3e3f

    • SHA1

      fffd13fdddc9c98b8a7b45f2f520ac2dd001f06a

    • SHA256

      ea4a647bb752042cdeabf742af9808349e1ac898edb4d392685854399de3b58a

    • SHA512

      fd6af7fab6342311b21202079f454a3bbe75e2250b8016b3c15dcdc62112b09b059cbf2596c20598e1345d7e9137bb43fce341013339b0ec69e53d4d1bdab99b

    • SSDEEP

      24576:cjxY5A0vimILM/NVJ7qgHHY2Qm6a9DhvhJPSdK/q1f:cp0vimILM/bdqKYHm6a3vXOaq1f

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks