mystic | 7e2fd37d4bb8cc4166498114d887a99f84122f6990cbfc2fe7047c8d41e866da | Triage

Sharing

General

Target

17fa8319d0f676b0a4e69d629e3b46a3.exe
Size

924KB
Sample

230920-vaha4sbe38
MD5

17fa8319d0f676b0a4e69d629e3b46a3
SHA1

7daa97964d11a0bb1af7921c81fb43a06ae16016
SHA256

7e2fd37d4bb8cc4166498114d887a99f84122f6990cbfc2fe7047c8d41e866da
SHA512

a572159e7858c4ae968450bd13e85f9460897c2877da857f7da6dd2da21072dd65c5cf5ecf96d09d99886f16cd7b5432da075d9f1c8128e106276fbe9f101db1
SSDEEP

6144:TNz+5SS9e1jf5dRV5mH8kzRAv/cAOzA1toyJWlKT6yVRVUKxAPIzWxMTYgK11jW6:TNip9e1jf5p5Usv/c26KxAPISkkW5cC

Score

10^/10

mystic spyware stealer

Malware Config

Targets

- Target
  
  17fa8319d0f676b0a4e69d629e3b46a3.exe
- Size
  
  924KB
- MD5
  
  17fa8319d0f676b0a4e69d629e3b46a3
- SHA1
  
  7daa97964d11a0bb1af7921c81fb43a06ae16016
- SHA256
  
  7e2fd37d4bb8cc4166498114d887a99f84122f6990cbfc2fe7047c8d41e866da
- SHA512
  
  a572159e7858c4ae968450bd13e85f9460897c2877da857f7da6dd2da21072dd65c5cf5ecf96d09d99886f16cd7b5432da075d9f1c8128e106276fbe9f101db1
- SSDEEP
  
  6144:TNz+5SS9e1jf5dRV5mH8kzRAv/cAOzA1toyJWlKT6yVRVUKxAPIzWxMTYgK11jW6:TNip9e1jf5p5Usv/c26KxAPISkkW5cC
Score

10^/10

mystic spyware stealer
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticspywarestealer

behavioral2