General

  • Target

    96aba0aa9288dba3e3d494e0c29fbb7d1b82ccf03cc939377eaccbaa0d58fd47

  • Size

    378KB

  • Sample

    231006-11fg4aad83

  • MD5

    0d2422ed4344760043a69205e519c56e

  • SHA1

    fbf4238c6b2e659f5fd3a53ae0d518132a0fd288

  • SHA256

    96aba0aa9288dba3e3d494e0c29fbb7d1b82ccf03cc939377eaccbaa0d58fd47

  • SHA512

    a7292716958f9da560f2ab84e9eea7520452fb44688f8b6c66454c36006696cf178c8a2f6f0013ed6492e08687bacc1037f73cd9f11f92fe86f4c9736dd0227f

  • SSDEEP

    6144:HJCZCH557yGY/fjBximSLB5aAOEitQqmNmNtLB+bVKHMy280tNj:HJpHr7yV3OWxtQqa7UHMy28Wj

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
