General

  • Target

    77c71a53b36a9a61009ffede8222a75a0b02f319b9efec7fb0ab8e525db4f82b

  • Size

    378KB

  • Sample

    231006-y75z8ahh77

  • MD5

    b8cc7f181a4753e4688b5f734c3e6b1d

  • SHA1

    2e8a48c8c00b338dfc9e298a04712268751b5c55

  • SHA256

    77c71a53b36a9a61009ffede8222a75a0b02f319b9efec7fb0ab8e525db4f82b

  • SHA512

    d8019063c71cae8939f8e0ee9c9bdc0beb59a594de7506b38cfc650d25b6c389786a9f9b2db2adb48d5b7f26c703a10c672469dce05e544113130a691c4129f6

  • SSDEEP

    6144:TzCBCH557yGY/fjBximSLB5aAOki2+Bx80q+Fr0cItNj:TzRHr7yV3OW12TX+6j

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      77c71a53b36a9a61009ffede8222a75a0b02f319b9efec7fb0ab8e525db4f82b

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
