General

  • Target

    06da0c27f9d556d411d5d6a0192df4f4179b0b50d1aa0015d88e4866292bf6e1

  • Size

    378KB

  • Sample

    231006-19qdnaae33

  • MD5

    d845e40af5feee8c52cc4d0302282d63

  • SHA1

    4d1d7ff00e0b62caac17aec7dad866567ab4597e

  • SHA256

    06da0c27f9d556d411d5d6a0192df4f4179b0b50d1aa0015d88e4866292bf6e1

  • SHA512

    6b88b7694fdb13f9358c7ef9ce2c845886acd5f2548ebefd2159822626fe642254166fc75e58943f5b67e283ee725199b3da682454f1f2bef187ca1b0319e735

  • SSDEEP

    6144:6kCpCH557yGY/fjBximSLB5aAOXiK0p1oYRAAr6ent0HT88WFVDbJzP0nACVlxQ4:6k5Hr7yV3OW4LRjaT88WfvJIDhxjNj

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
