General

  • Target

    31301f486f8704befd94ec90821eb70bde27367217c7d015417e27cc77a8352e

  • Size

    378KB

  • Sample

    231006-13r9nsad96

  • MD5

    0cba83292a6a12a83ffd407229639698

  • SHA1

    b164acfb5e1c78121abd7bfdaa82fe85bc2c1662

  • SHA256

    31301f486f8704befd94ec90821eb70bde27367217c7d015417e27cc77a8352e

  • SHA512

    312818a90cd2f5c6172b5077cbfdd3ebd8e415a6345c7f3d8a7c3135529ff47e1c770199fc6fdac6da08bf209124e83001417afd18d49e3555e69ccc3ba2c610

  • SSDEEP

    6144:P4WSG92pCryG4kfjSGwEi56AOrGC/1PeYEuC7THP+mNC0D:P4Wn2wryNSc0eYy+oD

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
