General

  • Target

    NEAS.c0ab662918d619b83ae7e65341e4799621c27c0681ec172f8f9fb5713dd7bc78_JC.exe

  • Size

    378KB

  • Sample

    231006-znrh6afh7z

  • MD5

    6f478b76570ce8bcc2099b1518a3ddd2

  • SHA1

    85c7328113944346ceeaab1f7dd50444a96b9552

  • SHA256

    c0ab662918d619b83ae7e65341e4799621c27c0681ec172f8f9fb5713dd7bc78

  • SHA512

    afada22d9c586e65567c2f38969873cde024b2886d96bb9b4f171c8cb7c92dbad0b31c674a9b7b56e580ab19d185ab0e9b05e7a0b184513b925017dc27ab979f

  • SSDEEP

    6144:CbGCbCH557yGY/fjBximSLB5aAODiV1tuUzbGBiEwrH3yj94yftNj:CybHr7yV3OWwftuEGBiEwrHijxnj

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      NEAS.c0ab662918d619b83ae7e65341e4799621c27c0681ec172f8f9fb5713dd7bc78_JC.exe

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
