General

  • Target

    f15690601fd6506abd89ccbffae20bebd2996abc70c1ea4c05fd94241fb5125f

  • Size

    378KB

  • Sample

    231006-qcf4lsdh27

  • MD5

    a287abcb41af64105e145140f14bbcbe

  • SHA1

    0895e29b2ed57c2cd94dda07d805f69bf74c21b2

  • SHA256

    f15690601fd6506abd89ccbffae20bebd2996abc70c1ea4c05fd94241fb5125f

  • SHA512

    0edc2d93ed11a8883e62b6b0afbf7e3b7f594ca0d6dec55fef36cc80fa5b941cb74b2c5447f36d25165d5e0280505ac93b4ea3f64f159eb06df5fb884d5826dc

  • SSDEEP

    6144:m4JSI92pCryG4kfjSGwEi56AOcGE0dHcfReK92EWl4YLZwUItQ0oVf759dxo0D:m4Jl2wryNSxbHvI2VLZwUItQ0oVf75PD

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      f15690601fd6506abd89ccbffae20bebd2996abc70c1ea4c05fd94241fb5125f

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
