General

  • Target

    35706e6913d750d2a1d1b11b6a5c919a0a1b55fbe88438d7df42553b09d82c35

  • Size

    1.2MB

  • Sample

    231007-aav7rage4s

  • MD5

    0ce38a1f0d411f9371599fba05bf1b69

  • SHA1

    8d436cd3de377e5f064d0d842a78a15a5b3a35d6

  • SHA256

    35706e6913d750d2a1d1b11b6a5c919a0a1b55fbe88438d7df42553b09d82c35

  • SHA512

    36e01ee5d75c06e8a39cd59604e7ea58abf16bb0c170adb8c22a6230061810fbf3e1668932d8220e49cf476f4ec3315065cb5770049f45e6ed98e4bcd4833bd6

  • SSDEEP

    24576:YykdtDvTsF4G5mhXLNSVQfey1+8bqAx8FuJ2YjuiqV7ALhgD09dhn1:fkdtDbsF45h7NSVQfeUPdx8FuJ2YokLd

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
