General

  • Target

    c422c082425ec905ff288d89007ea7a31110b996b338aa7d46c23581af8e15e9

  • Size

    378KB

  • Sample

    231006-zn5e1sab39

  • MD5

    9abc52c70cb0cd9fd2e505c7a11daf28

  • SHA1

    eaf4821001a29756d009b3907acadad6b17806a6

  • SHA256

    c422c082425ec905ff288d89007ea7a31110b996b338aa7d46c23581af8e15e9

  • SHA512

    cf94ee9deb7a0344eaaf7ee5b2a947078be8db6bd14ebf0c385ab4d7b78e988566b0ae297e36a7a59870b846cc7f25e5ef472fe84de806b10b89ac180ec687e1

  • SSDEEP

    6144:N4lSu92pCryG4kfjSGwEi56AORGRwEFrU7Kr2r+VHmrDqDY0D:N4l/2wryNSmRwEFrUQ2rGHm3qDtD

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      c422c082425ec905ff288d89007ea7a31110b996b338aa7d46c23581af8e15e9

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
