General

  • Target

    4565723e0c436a5663f3112dd476f3927ed264e844035c591ec42c2b5b33a770

  • Size

    356KB

  • Sample

    231010-1zngbagc46

  • MD5

    a909efc45b653f749a32b604fb69d1c4

  • SHA1

    15a3377f579f9b87a598e37e6ae5adad4714a8aa

  • SHA256

    4565723e0c436a5663f3112dd476f3927ed264e844035c591ec42c2b5b33a770

  • SHA512

    40483c3aabab72988429bcecc2d39ff179fa6383863fd3d43505357d6ab5f81a3f016fe52bd42f880ae1e042253e93360a0fd7379dea80819704745e4c7630e3

  • SSDEEP

    6144:nETeW/s5GqrO5aXnfEGIXWPvZAOKy9c6dMQgLAEoKw7QaJVs0BC+:RmcGqrOk86xTRENSs0BC+

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
