General

  • Target

    NEAS.a23409f579deb1d68ab914ea800df4a80cfded68e12c9205b9d6f3234c26b47dexe_JC.exe

  • Size

    1.4MB

  • Sample

    231006-spzsladf71

  • MD5

    221610ece0649f15926ff8c700894a4b

  • SHA1

    f05152abf9de6bb2fe185ff69ff75ec10ea6b411

  • SHA256

    a23409f579deb1d68ab914ea800df4a80cfded68e12c9205b9d6f3234c26b47d

  • SHA512

    8ef9223fef92373b356154495706685310c7ed32347788bf9829cc021e142b291639e505202ef280d559fc0f8e428120e719b879d355c524abb687c16c984e77

  • SSDEEP

    12288:jaWs3sJwo00rnuOVD9X6a9DhvhNf9H/7Fc0Y6Diiebj:jmsJw8T6a9DhvhnziOBe

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      NEAS.a23409f579deb1d68ab914ea800df4a80cfded68e12c9205b9d6f3234c26b47dexe_JC.exe

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
