Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

8bc0d66ff5...14.exe

windows7-x64

10

8bc0d66ff5...14.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8bc0d66ff5a18280e245f716319d59c2b001138fc373ae32590d4557f1ad1014

  • Size

    379KB

  • Sample

    231011-pclhnaed51

  • MD5

    6f37d7fbd8dbc935e5b9884f0ae6ac11

  • SHA1

    99f0002e98cc5cf12248f8c36e816a5a6e0f175f

  • SHA256

    8bc0d66ff5a18280e245f716319d59c2b001138fc373ae32590d4557f1ad1014

  • SHA512

    fc8ddbdd29273526d59d622280ef1a3861d3ebcf528afef1b2e02651d035340c01c7b74191211cf9a379efa3e5c1c81b77d80c774132501e86376a0eecbc15f0

  • SSDEEP

    6144:4nGcRgs3r9vIum2Tg0N63KAOqdMl0kHlsaai3aLfwzioj05LAg3F:4n9RP3r9HmegmlsaawaLfJb3F

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      8bc0d66ff5a18280e245f716319d59c2b001138fc373ae32590d4557f1ad1014

    • Size

      379KB

    • MD5

      6f37d7fbd8dbc935e5b9884f0ae6ac11

    • SHA1

      99f0002e98cc5cf12248f8c36e816a5a6e0f175f

    • SHA256

      8bc0d66ff5a18280e245f716319d59c2b001138fc373ae32590d4557f1ad1014

    • SHA512

      fc8ddbdd29273526d59d622280ef1a3861d3ebcf528afef1b2e02651d035340c01c7b74191211cf9a379efa3e5c1c81b77d80c774132501e86376a0eecbc15f0

    • SSDEEP

      6144:4nGcRgs3r9vIum2Tg0N63KAOqdMl0kHlsaai3aLfwzioj05LAg3F:4n9RP3r9HmegmlsaawaLfJb3F

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks