General

  • Target

    b8d2e06474042a1100affefeea7f773f0e3cef79b3ae0dcdd91b70bf2787ff43

  • Size

    364KB

  • Sample

    231011-x6kgfsad99

  • MD5

    5d9d5a2813ecc735b2d14bf713d1d3d2

  • SHA1

    3ace9b76afff0144385f0f3dff38beb8b55e733a

  • SHA256

    b8d2e06474042a1100affefeea7f773f0e3cef79b3ae0dcdd91b70bf2787ff43

  • SHA512

    a58c183421e91ef47a29ba3826dac3f93b8b85bd8444159c2461a2c50e342ea1f1b25f7be28f72e270ade53c7136dfeccb67075d74c7694f76511d957b3362d3

  • SSDEEP

    6144:/VXAxlt3fuPgyxhV5dAOILRScnYqgljBrwpoPGCH:/2xltWTSLR6qgvwQGCH

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
