General

  • Target

    b78c5287dd55f49d3e2dfc1e8ff6170bae241a6b2120a1938739df6891e26ad4

  • Size

    1.2MB

  • Sample

    231006-r84efsfd36

  • MD5

    7c3172cf590525ed596ca0005a947f39

  • SHA1

    e86ed0cb604ebc5538c089eee0239161720a29e6

  • SHA256

    b78c5287dd55f49d3e2dfc1e8ff6170bae241a6b2120a1938739df6891e26ad4

  • SHA512

    6686bbb75276da2a80db6df9cc5accffee9fd3b3941772e09826a9e5a03da32d0198061584571998cea3f185ce67af8ac039a0e818c7a031c254b44006dd9194

  • SSDEEP

    24576:/ytU4FmuIl6JOBI740Xyt43Wo9dMLXLnZgVSW8S:KdIlm8He3D+VgEj

Malware Config

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
