General

  • Target

    4370af9251062edeaf536fa0770a5779c2ec59ef3f3e61050b64bb58eb4a7f9c

  • Size

    350KB

  • Sample

    231011-mm9xwsbb33

  • MD5

    05f4b85c81e7d08832041807cf53662a

  • SHA1

    282516da27d4442043ca8d8cd00bb1d3c9f26999

  • SHA256

    4370af9251062edeaf536fa0770a5779c2ec59ef3f3e61050b64bb58eb4a7f9c

  • SHA512

    dec29a80657315d94bb1e62c76ecb391404d2d733ca97ea5d18d24ff36245eb4eb58b5c19597c58496d2ccc25ed8e5398944e5329e424a0a0e424197c69585bf

  • SSDEEP

    6144:bt3LsrNJmc30jXud9b7zAOhp70n6PqU6ag6AbQxsMPGXkfaJF4S:bqxJm+bzLpwn6dM6cKPGU6F4S

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
