General

  • Target

    NEAS.c62abbf9fab987d3802410dd05ac6f53716de34cd6f30f2b8b000099b6940fc3_JC.exe

  • Size

    378KB

  • Sample

    231006-znsq8afh71

  • MD5

    0e8cb45d860ee924a2b521687a195e42

  • SHA1

    05a004aa7cbfd6e660fdc40b448d53c709d5bbb4

  • SHA256

    c62abbf9fab987d3802410dd05ac6f53716de34cd6f30f2b8b000099b6940fc3

  • SHA512

    78410470b47c6845fed06dc62e0d7cc4f261374627c2c2af152b646e84314006f0dd3f72d8a44fdb5df49dda11670cec9876c70c358d4c5d9a70edfb47af8398

  • SSDEEP

    6144:m4MSk92pCryG4kfjSGwEi56AOkGPpE1qfCTO3CAIaPK5SK0D:m4MR2wryNStawoeCAIaPKYD

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      NEAS.c62abbf9fab987d3802410dd05ac6f53716de34cd6f30f2b8b000099b6940fc3_JC.exe

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
