General

  • Target

    8076f01afd589910a0f2c7b347fdc6633f20e4fb6e6f67c5457217d1af63ca08

  • Size

    276KB

  • Sample

    231010-zqyp9aaf5t

  • MD5

    d7b91181dc97b2ca65b1015fbbc71af0

  • SHA1

    6c27ff2d9d0c84f5b9168fabc0176f05d7e96bcb

  • SHA256

    8076f01afd589910a0f2c7b347fdc6633f20e4fb6e6f67c5457217d1af63ca08

  • SHA512

    82f89e07d41f8367bc80359e431b6052cc2b79830278e2fcd34dbd9a3683568068edb03b4da59f5e07120adca68b1e7b695c294c7347b4dec712b2e13ce0aea8

  • SSDEEP

    6144:Wh0RKajWpVP060qLE5/JjsXOqDWmUadL6BakuUe9/b7rj:WyKajWFLE59s+k4AuakuU8j

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
