General

  • Target

    5927421ea1e8378599ca4bb5d86d10612f4ee3676e4c1ac800fa98f2b05245b2

  • Size

    365KB

  • Sample

    231012-cmtwkaaa2v

  • MD5

    393cefe800a09c68789e124b4248539a

  • SHA1

    58dfb43b9f82d56dd2c4e9e66f0536a3786fe99c

  • SHA256

    5927421ea1e8378599ca4bb5d86d10612f4ee3676e4c1ac800fa98f2b05245b2

  • SHA512

    ca383c72cf4f489db283461a01f319440df576718fb3f2309224fccd0c6ef9b3a03f3a15386019497162b17fda9e7c0439a9ec0e1475fa94199287b90a863f35

  • SSDEEP

    6144:W65frpxdonyq4zaG2u5AOPeK3GjznU+g0s3FDH8AYI2S/02H2RDMHg2HTcPW7jO0:Wcrp0/9u5Re+QTjd0DcTrwgvquqp

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      5927421ea1e8378599ca4bb5d86d10612f4ee3676e4c1ac800fa98f2b05245b2

    Score
    10/10
    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
