General

  • Target

    aa545c1bf309f1b5f7f1184dc6d5d8db634ae9ccc85c4e37a9aaf3efe593f7df

  • Size

    350KB

  • Sample

    231011-mjst7sag57

  • MD5

    0adaf64f19915763e4b9ae3879ffb211

  • SHA1

    a227d1987e27f34dfc9b475cf68f6bcc9734ce8b

  • SHA256

    aa545c1bf309f1b5f7f1184dc6d5d8db634ae9ccc85c4e37a9aaf3efe593f7df

  • SHA512

    7c89211ecf36726687906c7ce7548fb37f689ebb166d06972139441cbabd46fe6576ba7f1bd66fda9a5bdb3f1560d09a56649f7fb814b57e575e7e1455faf651

  • SSDEEP

    6144:ltBLsrNJmc30jXud9b7zAO/p70n6XI4rlKVAqjq3b75sN9VQaJF4S:l0xJm+bzFpwn6XI4d+NDjF4S

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      aa545c1bf309f1b5f7f1184dc6d5d8db634ae9ccc85c4e37a9aaf3efe593f7df

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
