Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    961f2f439d3d9d1ab362b4b21b7b82fe6316106066625c3aee38cc36e80f9483

  • Size

    1.6MB

  • Sample

    231004-spjrdacg2v

  • MD5

    94fea1e8d24695cb0c1dd150c2c5fc0f

  • SHA1

    2034f1b6a912537c847eca5fda569c0b043b1fe7

  • SHA256

    961f2f439d3d9d1ab362b4b21b7b82fe6316106066625c3aee38cc36e80f9483

  • SHA512

    a4964db131d090750fbf6ebb083c4615920f88b09c0ce2f18c3c2fa8699259e4184ecff6024e157bbdc9ab994dab8e464d0c91a8bff8b07a487848745550a4ad

  • SSDEEP

    24576:ZyqgGzdJizgED92w8GRSwasra4jkePLDThKI3y2pQifu7VbR52T0KMi7pdsf:M1xT2mMRsW8keQI3y2Vil5I0

Score
10/10
mysticpersistencestealer

Malware Config

Targets

    • Target

      961f2f439d3d9d1ab362b4b21b7b82fe6316106066625c3aee38cc36e80f9483

    • Size

      1.6MB

    • MD5

      94fea1e8d24695cb0c1dd150c2c5fc0f

    • SHA1

      2034f1b6a912537c847eca5fda569c0b043b1fe7

    • SHA256

      961f2f439d3d9d1ab362b4b21b7b82fe6316106066625c3aee38cc36e80f9483

    • SHA512

      a4964db131d090750fbf6ebb083c4615920f88b09c0ce2f18c3c2fa8699259e4184ecff6024e157bbdc9ab994dab8e464d0c91a8bff8b07a487848745550a4ad

    • SSDEEP

      24576:ZyqgGzdJizgED92w8GRSwasra4jkePLDThKI3y2pQifu7VbR52T0KMi7pdsf:M1xT2mMRsW8keQI3y2Vil5I0

    Score
    10/10
    mysticpersistencestealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks