Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a4e0f66c32...66.exe

windows7-x64

10

a4e0f66c32...66.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4e0f66c32f30cf5e73c0ceba8b5a90f007f6126594d3475c86094d850761d66

  • Size

    356KB

  • Sample

    231010-1trxjsfh56

  • MD5

    ee34268c1f6bb64acbc91ba24d7dba85

  • SHA1

    4b8faf8e4851570331e3fae98745501ea14e8a6a

  • SHA256

    a4e0f66c32f30cf5e73c0ceba8b5a90f007f6126594d3475c86094d850761d66

  • SHA512

    b44578aecddbd8d3266f633436c59dbacc0554f7c6f5791ae864a11f6d3e38de13780754244834157f7f9e6004d2725de6e2bfb7550df7aaf908b3af3ac9c377

  • SSDEEP

    6144:EATeW/s5GqrO5aXnfEGIXWPvZAOZynlZO1zrd4T2scpAuRBqXzE4+WVs0BC+:wmcGqrOk86xKlZNak4B+s0BC+

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      a4e0f66c32f30cf5e73c0ceba8b5a90f007f6126594d3475c86094d850761d66

    • Size

      356KB

    • MD5

      ee34268c1f6bb64acbc91ba24d7dba85

    • SHA1

      4b8faf8e4851570331e3fae98745501ea14e8a6a

    • SHA256

      a4e0f66c32f30cf5e73c0ceba8b5a90f007f6126594d3475c86094d850761d66

    • SHA512

      b44578aecddbd8d3266f633436c59dbacc0554f7c6f5791ae864a11f6d3e38de13780754244834157f7f9e6004d2725de6e2bfb7550df7aaf908b3af3ac9c377

    • SSDEEP

      6144:EATeW/s5GqrO5aXnfEGIXWPvZAOZynlZO1zrd4T2scpAuRBqXzE4+WVs0BC+:wmcGqrOk86xKlZNak4B+s0BC+

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks