General

  • Target

    d459bedd8597182d896afcecf5131b09e5c6919d9d2601f0a5c78286229377e5

  • Size

    346KB

  • Sample

    231011-m7l2kaad8y

  • MD5

    8b7dd257a38b62293fa5dbdbf2c665af

  • SHA1

    b54937e4a73670b643bcc6025d4dcc438e985ce1

  • SHA256

    d459bedd8597182d896afcecf5131b09e5c6919d9d2601f0a5c78286229377e5

  • SHA512

    479d307732ee9a9bf0d6125e0c8f67b1a9a531bf682364889a4fd97dee7b40371a1010936d2215c0f23d780d3498c0e2bf61718af53de33c00b56f0ef59afd63

  • SSDEEP

    6144:lWCFljS9PgGzqLHvw1t6mAOVA0Bnp2kp3viKC:lWuS9PgGimw0BIkZiKC

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      d459bedd8597182d896afcecf5131b09e5c6919d9d2601f0a5c78286229377e5

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
