Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

1e818621e6...dc.exe

windows7-x64

10

1e818621e6...dc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e818621e629bc06a70b61ca7a68f5a77a26b6010e84c769091c64a0dfdf5adc

  • Size

    379KB

  • Sample

    231011-q3313aag5w

  • MD5

    390bc29db02b22ab38ba8e962006dc08

  • SHA1

    e26c1c7e30da099ba6f020b87f00e9b275440655

  • SHA256

    1e818621e629bc06a70b61ca7a68f5a77a26b6010e84c769091c64a0dfdf5adc

  • SHA512

    3c67e2a3fa5e314acad7a3e9aae57d30867ddd70f132d5b5cf330f3d7ba4a1825ca154760a7f3cd236db773c0472aa757816cb33133bd22dacf2004465de8570

  • SSDEEP

    6144:Mu2cRgs3r9vIum2Tg0N63KAOi8FGKdChXhl0ZwlnFMkYyrwzYaREDL+f8UPcOoeK:MuNRP3r9Hmes8/3wlnFMkYc2YsEOf8UA

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      1e818621e629bc06a70b61ca7a68f5a77a26b6010e84c769091c64a0dfdf5adc

    • Size

      379KB

    • MD5

      390bc29db02b22ab38ba8e962006dc08

    • SHA1

      e26c1c7e30da099ba6f020b87f00e9b275440655

    • SHA256

      1e818621e629bc06a70b61ca7a68f5a77a26b6010e84c769091c64a0dfdf5adc

    • SHA512

      3c67e2a3fa5e314acad7a3e9aae57d30867ddd70f132d5b5cf330f3d7ba4a1825ca154760a7f3cd236db773c0472aa757816cb33133bd22dacf2004465de8570

    • SSDEEP

      6144:Mu2cRgs3r9vIum2Tg0N63KAOi8FGKdChXhl0ZwlnFMkYyrwzYaREDL+f8UPcOoeK:MuNRP3r9Hmes8/3wlnFMkYc2YsEOf8UA

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.