General

  • Target

    8f79bc43c15368c61c23f56528eb9f7d0db644af472e0ca8ed58256491c71800

  • Size

    479KB

  • Sample

    240417-qcewjsab2s

  • MD5

    e0e69e23cdcdc31c9f9abeae445db55f

  • SHA1

    8bbfd28076bb68e74fd3fb01751ccdc62a1e9647

  • SHA256

    8f79bc43c15368c61c23f56528eb9f7d0db644af472e0ca8ed58256491c71800

  • SHA512

    65bc29eaea1952048a46741cd654ae62d4280ded62300402af66139c470d331fdaeb0187facbd609482bbb4aa0b2610cf40add06bcbcdeb8f55685600aee33fc

  • SSDEEP

    12288:BPhfRNaNoIBCSdsetlS2WJYEDXoFVmSNaEPwsUM11Q5jF3L:eoI9dZS2unsFVZNaEPwsbyVhL

Targets

    • Target

      8abe67f3fa19414604fbb2a1510012895dbf0e89c55c9ff8d1a156b868ee9bf9.exe

    • Size

      523KB

    • MD5

      dcee3487134de31384cc480650d0b872

    • SHA1

      728aac232b591c08d2a0a727a5024afdb17f3b56

    • SHA256

      8abe67f3fa19414604fbb2a1510012895dbf0e89c55c9ff8d1a156b868ee9bf9

    • SHA512

      dd0751578f48b5a2e6931c31865c235f464fb3d6fe4bdbd8389ab9d8429b0ffb69205773b276dc930ab1dc672fe7ed724559bdb4a1896ba26bc9cd3b74570399

    • SSDEEP

      12288:4Mr8y900yOk63JeBswLMA9Kyzr7Hx/XupZF7:UyMx0eB0Ryzr7Hx/XupZF7

    • Detect Mystic stealer payload

    • Modifies Windows Defender Real-time Protection settings

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
