General

  • Target

    295ec873225215ab37bdff973443fb9e4dc979361db1858346ae7ec6713b3d4a

  • Size

    1016KB

  • Sample

    231011-kk2sdsbh3t

  • MD5

    181edf95529bfa716a5d92b569173567

  • SHA1

    c6e15eabfba0089f3a66b44669ab59d9d0b9b2e3

  • SHA256

    295ec873225215ab37bdff973443fb9e4dc979361db1858346ae7ec6713b3d4a

  • SHA512

    cdf3d8f8b30f525c017f617745e8d4145d070fd31c2bfce66964f0b812f52ef03f990c50163ff8bd2dc6c88e3060922bafef20fd069aa700a028e68b4d000a30

  • SSDEEP

    12288:D0zIlVZ87IYDKzcx9jkmP8bey7/0RDMmZZxnyUuyyuMiQnw0ph1rA9:DrOIYDKzcx9jkmPe/knxyxiAwAk9

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      295ec873225215ab37bdff973443fb9e4dc979361db1858346ae7ec6713b3d4a

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
