General

  • Target

    NEAS.531c40476c986618c0cfbf89781b5cb0.exe

  • Size

    656KB

  • Sample

    231116-llpd5aba4w

  • MD5

    531c40476c986618c0cfbf89781b5cb0

  • SHA1

    5bce01285d7622be7f733a44d4d17553d0b60239

  • SHA256

    1ec7f741d88adec1b6c76f7aecc0478a35b80faf5f0e422f72daff71404fd334

  • SHA512

    8c9fe24b075c8fcce4710d26fa19dc9d2f9dc6dddc1cbef7da2e8339e7175b8aef4fe821f62c228dc1f5ffa9de73d62cc12b605b9e0021611235bea47a94b624

  • SSDEEP

    12288:aMrBy90S0NA0H7Gae/4IC50pCCHGN0PLvYMXiYQbDL6+Kw8Dy//Atsp5IE3:LyViaaewIsgCQGIgYDYKje/cnE3

Targets

    • Target

      NEAS.531c40476c986618c0cfbf89781b5cb0.exe

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Detected potential entity reuse from brand paypal.

    • Suspicious use of SetThreadContext
