General

  • Target

    f619c235ccdba30a5e9167cf82c2154178611f4829fd548bb69cd5ea1dc32a0b

  • Size

    378KB

  • Sample

    231007-pap33abh6x

  • MD5

    e30182acc0b38c1fee525bf1be571e2e

  • SHA1

    f137e2008b2b9788d75bc3a060900630948df2a8

  • SHA256

    f619c235ccdba30a5e9167cf82c2154178611f4829fd548bb69cd5ea1dc32a0b

  • SHA512

    d3b3eb81ce3a936f6996bab38e1d923ed296c719c8efe794bbddb76b40207829a882e7e0f2cb94abafb86cd7a4b56206c0a677887bffdb219799e59743776e6e

  • SSDEEP

    6144:74HS992pCryG4kfjSGwEi56AO/Gtb4v8DeBhWY9eW2ogluNUswem6J0D:74Hq2wryNSwtM3v7VUgWD

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      f619c235ccdba30a5e9167cf82c2154178611f4829fd548bb69cd5ea1dc32a0b

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
