General

  • Target

    99804119d08b3d748ecd2dd206b784435787220cf2492e91464341833021f6a2

  • Size

    1.2MB

  • Sample

    231006-181s1aae28

  • MD5

    7149b8c4217c09319295e64ad92ebf31

  • SHA1

    ef8e9d3ef9545a81d886183daa697e8b1b6eeb11

  • SHA256

    99804119d08b3d748ecd2dd206b784435787220cf2492e91464341833021f6a2

  • SHA512

    64d40eb664aa4fac873ad36d17b6c193580d314faa062b2e2b1e9ac0c644bee8d10549d0b5e37a126b6f81a04fa0154324b9c34b0a653d658198d89083eee7c2

  • SSDEEP

    24576:1yD4z9Kdvv50DPMnV1KyWwpDmn4n3KaHJGpK2OFAU4cL73pAy:Q8z6vvo0V1Kvw4mtJGpDOCRK736

Targets

    • Target

      99804119d08b3d748ecd2dd206b784435787220cf2492e91464341833021f6a2

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
