General

  • Target

    597e38b880e16d86f62825b75801d6700020084a466448258928f30d7c5a8182

  • Size

    350KB

  • Sample

    231011-mendxsge41

  • MD5

    8e18401156039b21c04e08089c40cefe

  • SHA1

    7a378fcec369cd304ce2cf5bc98b882d5dc4eac0

  • SHA256

    597e38b880e16d86f62825b75801d6700020084a466448258928f30d7c5a8182

  • SHA512

    61510edd8e27eac3e98e4e2e02059c92cd6e4f3e7f4eecc364a3412b5a606a0930ffcdd8a8c0e2ece14309e084c5db106231f5f52c13406c50741744088aefae

  • SSDEEP

    6144:wtHLsrNJmc30jXud9b7zAO2p70n6nR7lNhP4eYG3e7Be472lTaJF4S:wixJm+bz4pwn6nRpkr7s4SQF4S

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext