General

  • Target

    3d53faf7fb3af3a735df7179ce8dc731ea9017e32365b0ede294d5f21f748e58

  • Size

    370KB

  • Sample

    231011-hr3bdsge2w

  • MD5

    6794b5a6762a2dbb67121b80d0f0b490

  • SHA1

    1586117230f0c646ad8e03b723d385589e9b3e1f

  • SHA256

    6fda596794eec5e90b0fe21d0409df4881c52980af09be721429d849ab8db860

  • SHA512

    330fc136a434beb7566455f186d620f496808763ad3906e2037d53313c863a0579e52e66f81e3efe82b51dff7708221bbada65173b892cc674c4128aee1b5121

  • SSDEEP

    6144:d36/IAccCnr1DWNa0cI39rAwNXl0ixj0WqImbf6HODW+oXpTJbQe7cq:RUkZr1aA0P39r11VjtqDbf6HJL51bgq

Score
10/10

Malware Config

Extracted

  • Family

    mystic

  • C2

    http://5.42.92.211/loghub/master

Targets

    • Target

      3d53faf7fb3af3a735df7179ce8dc731ea9017e32365b0ede294d5f21f748e58

    • Size

      1016KB

    • MD5

      9197894f082bcbf9de819c2770a5207d

    • SHA1

      fabcfad80b27394644712a25564c3de399a8e126

    • SHA256

      3d53faf7fb3af3a735df7179ce8dc731ea9017e32365b0ede294d5f21f748e58

    • SHA512

      89810df68fda615939204d78ce6a567780c35a4cac483a6742f45cff4c46d45ad40f118583910ddf1ccddacb1cdbd2c51856e28154fcae94c92724020bf3b383

    • SSDEEP

      12288:d+uAoZYyBYDKzcx9jkmP8bey7/0RDMmZZxnyUuyyutrY9PXY8/9:dNpYDKzcx9jkmPe/knxyerY9PoE9

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
