General

  • Target

    c84a5d84e0bbb6e22a908d94311f8194d3e434aedaabc87f9daa8845979326c6

  • Size

    379KB

  • Sample

    231011-recdwabh8w

  • MD5

    4c8ff63a12b1d0e762bc3ddbe7cc2c39

  • SHA1

    fabd4d57e69b13b7b0e66fa889678605bb626be8

  • SHA256

    c84a5d84e0bbb6e22a908d94311f8194d3e434aedaabc87f9daa8845979326c6

  • SHA512

    ca2c67bf8f20179b2c18b149c9c4068b5aee679d13938316be77723fa5379498638d4e470bb62d60f29304180c05ea687f2376f64645fe4fc2699e42f4487ce1

  • SSDEEP

    6144:9a+cRgs3r9vIum2Tg0N63KAOD+q8PQEgm9BsPrghYz87JxUztRSg3F:9aVRP3r9Hmelt8PQ498g6zMxk/p3F

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
