General

  • Target

    767d9d2aa447513e14aaef4c0c57d0d1c463b41481e94f22c00bde46bb714394

  • Size

    378KB

  • Sample

    231006-1tcgvsad49

  • MD5

    f3046db23a78bee8d868d4ce466b37b5

  • SHA1

    30a9eb144198171d9211756c66007d44d4519b6a

  • SHA256

    767d9d2aa447513e14aaef4c0c57d0d1c463b41481e94f22c00bde46bb714394

  • SHA512

    c0bce13e2c0d3ca896c9c8d8993bcd6795aa85e4f02e143ed4847cbf6e24f3c75d0e46314fdc0fbccbb0ba0818684518a250f2441947fcff1f5a76fd82c39104

  • SSDEEP

    6144:gqCrCH557yGY/fjBximSLB5aAOViuTsD6A2rDZShOnls2JtNj:gq7Hr7yV3OWSuTO6L5IO6Aj

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
