General

  • Target

    17d189fd0fb7b7c3dcebc7dceb7bf060eaecf6128c13a93dd8e47c28f426891c

  • Size

    379KB

  • Sample

    231011-qata6aah75

  • MD5

    c9d3c669fdbeedde0fcf7f36a9608584

  • SHA1

    c7511046992d060853b95fd16689f3a62291d10e

  • SHA256

    17d189fd0fb7b7c3dcebc7dceb7bf060eaecf6128c13a93dd8e47c28f426891c

  • SHA512

    8d5667763dc26a38a4b7146ee3d425eb2dddc1b40d7f3dbf1e787bacdfaad918a30e15d638816f922b1af64c50266b60a8f6e9df3058e21ab82250663068b0a4

  • SSDEEP

    6144:pXXcRgs3r9vIum2Tg0N63KAOjUB1RkrwjYlz3PwJ/sGg3F:pXsRP3r9HmeJUJU3fwJs3F

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      17d189fd0fb7b7c3dcebc7dceb7bf060eaecf6128c13a93dd8e47c28f426891c

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
