Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file.exe

  • Size

    700KB

  • Sample

    231012-h3sakadd4y

  • MD5

    169ea2c57794dc69d9c869bddb6da795

  • SHA1

    fe6f42340e64099209aefd6c787d6423475a8b57

  • SHA256

    3d1a2b1b79e9874f189e7fe2f975bec1ee7304dd55cb36e65d9686950f4a7410

  • SHA512

    6a518c060da2f9d6766d461064bf36189701dbb53315bbc0c366c4e172b8adeb664c3f2b9ebfc66da738e42904e43eb4cfa5f0b2be1880d0a46d1cba25124d0f

  • SSDEEP

    6144:1SvGAafgBMniUwluzlcy/XVucQ5BH8MA5OZa8aUCID4Iij0wtvfz:gGfg2i8VucQ5BHiOZa8ad3ILw9z

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      file.exe

    • Size

      700KB

    • MD5

      169ea2c57794dc69d9c869bddb6da795

    • SHA1

      fe6f42340e64099209aefd6c787d6423475a8b57

    • SHA256

      3d1a2b1b79e9874f189e7fe2f975bec1ee7304dd55cb36e65d9686950f4a7410

    • SHA512

      6a518c060da2f9d6766d461064bf36189701dbb53315bbc0c366c4e172b8adeb664c3f2b9ebfc66da738e42904e43eb4cfa5f0b2be1880d0a46d1cba25124d0f

    • SSDEEP

      6144:1SvGAafgBMniUwluzlcy/XVucQ5BH8MA5OZa8aUCID4Iij0wtvfz:gGfg2i8VucQ5BHiOZa8ad3ILw9z

    Score
    10/10
    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks