mystic | 3531ad4ec5295738de8e2bff0e4ccc0fb60d666d28924ae97c56f350374710eb | Triage

Sharing

General

Target

3531ad4ec5295738de8e2bff0e4ccc0fb60d666d28924ae97c56f350374710eb
Size

1.2MB
Sample

231006-yj36qafe7v
MD5

de18f247b870522e20e634c1b3a16a7d
SHA1

eea901901fa2750df654e479264f23993b3232a5
SHA256

3531ad4ec5295738de8e2bff0e4ccc0fb60d666d28924ae97c56f350374710eb
SHA512

94c8dce4a0833310220246d5a1a1c7663be9bf8764b77756709f4ba4327bef35ff3ff2939333677ef7f97474508435203dfc99f3205fda8ee0504a90eb4a950e
SSDEEP

24576:JyYV/93BkIjo5wWWNRNTWebCUJC+SxsbxeXAtg/E6bnuoT+iBBv:8YNxaEWWNRNTW3UJix6Ibnuo6iB

Score

10^/10

mystic evasion persistence stealer trojan

Malware Config

Targets

- Target
  
  3531ad4ec5295738de8e2bff0e4ccc0fb60d666d28924ae97c56f350374710eb
- Size
  
  1.2MB
- MD5
  
  de18f247b870522e20e634c1b3a16a7d
- SHA1
  
  eea901901fa2750df654e479264f23993b3232a5
- SHA256
  
  3531ad4ec5295738de8e2bff0e4ccc0fb60d666d28924ae97c56f350374710eb
- SHA512
  
  94c8dce4a0833310220246d5a1a1c7663be9bf8764b77756709f4ba4327bef35ff3ff2939333677ef7f97474508435203dfc99f3205fda8ee0504a90eb4a950e
- SSDEEP
  
  24576:JyYV/93BkIjo5wWWNRNTWebCUJC+SxsbxeXAtg/E6bnuoT+iBBv:8YNxaEWWNRNTW3UJix6Ibnuo6iB
Score

10^/10

mystic evasion persistence stealer trojan
- Detect Mystic stealer payload
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticevasionpersistencestealertrojan