General

  • Target

    ae6404217d9bbe5213a9bc7d8a93d085c6e11190ca533b5bb09cfa346ef831b7

  • Size

    346KB

  • Sample

    231011-nea92abb5y

  • MD5

    276174b4255e7bc8ae5d626c19761be2

  • SHA1

    fad3e08d3a065268a713bab0e46359ffa45f5b60

  • SHA256

    ae6404217d9bbe5213a9bc7d8a93d085c6e11190ca533b5bb09cfa346ef831b7

  • SHA512

    664f718aaf39cbfc5a1b912754d7ee36de662ef28565e081f91ea85b98acd1790f2d5ddd1694e543da3c9c3cde1b38eb2dcf21854ad33901b692831b039f6023

  • SSDEEP

    6144:8WCGljS9PgGzqLHvw1t6mAOpM0Uyyc/umU2nDY22bReuSVaxL3viKC:8W7S9PgGim0T+9UUDY22bdxziKC

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
