Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11xn3297.exe

  • Size

    283KB

  • Sample

    231113-ljcbsacc72

  • MD5

    708a38913766d240f02c4edc8b9d8d2f

  • SHA1

    7a4dcac0016d238b07d3b9169e43d38a425162c1

  • SHA256

    a112d65d90901b6e2e3a4f2872aa2c07aaf7b8b9e3b5dba423b4f027d276bb82

  • SHA512

    22112643ede3f03de2b6096f05cdb32d84c56c0235d3372d1b591483154d1b0d4559a81333e46ece1bec1f924c45a8e87e86496ce0b471cc42b7016d690396db

  • SSDEEP

    6144:yCbb4QXAUtmO2660cjR936sub6oVLNESy7Ud3:LbWw32L936subbVNj8Ud3

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.43/loghub/master

Targets

    • Target

      11xn3297.exe

    • Size

      283KB

    • MD5

      708a38913766d240f02c4edc8b9d8d2f

    • SHA1

      7a4dcac0016d238b07d3b9169e43d38a425162c1

    • SHA256

      a112d65d90901b6e2e3a4f2872aa2c07aaf7b8b9e3b5dba423b4f027d276bb82

    • SHA512

      22112643ede3f03de2b6096f05cdb32d84c56c0235d3372d1b591483154d1b0d4559a81333e46ece1bec1f924c45a8e87e86496ce0b471cc42b7016d690396db

    • SSDEEP

      6144:yCbb4QXAUtmO2660cjR936sub6oVLNESy7Ud3:LbWw32L936subbVNj8Ud3

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks