General

  • Target

    0db79daa6a26ef635a291c9d8dd8f17e19d7dc858622a7974972e40ee5d9347b

  • Size

    346KB

  • Sample

    231011-nt9fdacf8w

  • MD5

    99a66af56145559acf49ad3759d2cedb

  • SHA1

    3eca24c7910cdf47ed530334692c9b86bb366b0f

  • SHA256

    0db79daa6a26ef635a291c9d8dd8f17e19d7dc858622a7974972e40ee5d9347b

  • SHA512

    d26c3cc1c0fd59a8a00cb335a7db367c34ed394ce4e7782877b6806faab2e4454c3d1066e0565e7a3c7274e7254d5f0a0560b1e46e0b4bc159760645986ff3d1

  • SSDEEP

    6144:qEC8ljS9PgGzqLHvw1t6mAOt5oW8yVxbgs5VUY4LINUABa3viKC:qEVS9PgGimfeW97bd4LLINUABsiKC

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
