
General

  • Target

    344f555bafa13235c6275766214887a9b7d77f0639d5b79df2020ad81383fe81_JC.exe

  • Size

    1016KB

  • Sample

    231011-gwns5adh41

  • MD5

    da64796b21017581ed9cc9430a994bd6

  • SHA1

    22f2c6919beb53d4847f841b3ade37a5f57a766b

  • SHA256

    344f555bafa13235c6275766214887a9b7d77f0639d5b79df2020ad81383fe81

  • SHA512

    66262c6138a5ab455f64626cd9b6763832ea09d48b8375e113639022bb5ead60788c8b1d678bf86b5bff0c54fd60c20cd3e8f3e7df0b94a6c8847b13e03eba96

  • SSDEEP

    12288:A+hAoJY0BYDKzcx9jkmP8bey7/0RDMmZZxnyUuyyuxubeg0IVAUjGhzy/9:AY7YDKzcx9jkmPe/knxyZC0gx69

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      344f555bafa13235c6275766214887a9b7d77f0639d5b79df2020ad81383fe81_JC.exe

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
