mystic | 9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

General

Target

9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f
Size

1.6MB
Sample

231005-1737qsff3x
MD5

bac91eda5be391e789537c3584fb17b8
SHA1

9268e84399ac47559cd9d6f10044bda423ceba9b
SHA256

9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f
SHA512

e53450caf5dae4b2f6b35cf1ef068ec42178611727f78bcb9bb3c5de09bb7328d1fb2202c9c90ec3d8ad00cc7df999730cfc08a9937450103c39ff071d955a46
SSDEEP

24576:Ry2T0FXbC+/Te9mLmk3AeZhrWYsubCCnb/6gKc2eKYMeFaiXRRjc2d0Lk+X:E2T0NbnAk3rxWAbCC7R2eT5X/I

Score

10^/10

mystic persistence stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f.exe

Resource

win10-20230915-en

mystic persistence stealer

windows10-1703-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f
- Size
  
  1.6MB
- MD5
  
  bac91eda5be391e789537c3584fb17b8
- SHA1
  
  9268e84399ac47559cd9d6f10044bda423ceba9b
- SHA256
  
  9b32a6358eda45e3b2d904ca07e3ac5f5dc272887306f8d90e566d38d167498f
- SHA512
  
  e53450caf5dae4b2f6b35cf1ef068ec42178611727f78bcb9bb3c5de09bb7328d1fb2202c9c90ec3d8ad00cc7df999730cfc08a9937450103c39ff071d955a46
- SSDEEP
  
  24576:Ry2T0FXbC+/Te9mLmk3AeZhrWYsubCCnb/6gKc2eKYMeFaiXRRjc2d0Lk+X:E2T0NbnAk3rxWAbCC7R2eT5X/I
Score

10^/10

mystic persistence stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticpersistencestealer

© 2018-2025

Terms | Privacy