Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

18ef1d6332...69.exe

windows7-x64

10

18ef1d6332...69.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    18ef1d6332be0c8b9b67bfa92fa1aacfbff38f961adf124ca2104cf17898a269

  • Size

    370KB

  • Sample

    231011-hpxm5agb71

  • MD5

    1cbd770a288a47e7704205fc12a61913

  • SHA1

    7c75d26f5a97476c9f264a3df3fd6325171d04a9

  • SHA256

    1167a88cefca0900d0ef3e4f3579d7577c9ffc1c2cedfd723cf8ef2d5bbbfd2a

  • SHA512

    755fac659881dfb7a5f7ffdfd72f105218d0edd8dcf02c94a53761ab39c96192f8b04ebb3b964b87e3b7fa59dc7f4a1a9eb14e2ceb3ef06a20b1292163a12119

  • SSDEEP

    6144:m2C0t2kfnaw/1sTagqK3ZQHBnossin2YBUiO9N6j4QprwaJRIxQFZs2HU:mDcffnawdsGgqGknDvn2Yyi0qrJRISU

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      18ef1d6332be0c8b9b67bfa92fa1aacfbff38f961adf124ca2104cf17898a269

    • Size

      1016KB

    • MD5

      7dccae063e4b38bc0c58570f14a1960e

    • SHA1

      0f854020abd45cb29b77cfef21b75f1a57047e95

    • SHA256

      18ef1d6332be0c8b9b67bfa92fa1aacfbff38f961adf124ca2104cf17898a269

    • SHA512

      82561f57d0d2517ab5f4eb332e9663f4480670ccbacb3ee0b91858f3386dcf8f93a8619169714fbbc7e083fe099252bfba60f51dc972612d06cdb9bb03791c86

    • SSDEEP

      12288:e+NAoNYtBYDKzcx9jkmP8buy7/0RDMmZZxnyUuyyuCkYD5206NZqPiu/9:eo6YDKzcx9jkmP+/knxyfkYD52V+PT9

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks