General

  • Target

    e8cb2d615c2954b14f5efa245b8a4b9d0fd90043d65b0d03a40896a0af1c9ef2

  • Size

    1016KB

  • Sample

    231011-kg4sksbf3w

  • MD5

    48de38fa3f68c04b522b4961e5db163a

  • SHA1

    84b5c214ace08a4269e7259814e68d1cdb7d60be

  • SHA256

    e8cb2d615c2954b14f5efa245b8a4b9d0fd90043d65b0d03a40896a0af1c9ef2

  • SHA512

    0dcbadc99929545055559105e5d34317866edfb8be233d566f796d3aab84cec556bbe7e40cb502d1b9af80393a3a833b7cbe8ef8912ce19ba638f4f9c76ae506

  • SSDEEP

    12288:++RAocYVBYDKzcx9jkmP8bey7/0RDMmZZxnyUuyyu0mNwNUKdss/9:+xWYDKzcx9jkmPe/knxyPm6NNWU9

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      e8cb2d615c2954b14f5efa245b8a4b9d0fd90043d65b0d03a40896a0af1c9ef2

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
