General

  • Target

    NEAS.ce0ce7611859a7ccf000beb3aea5ee1c82c7078b358ead786808e6d22cdfeeef_JC.exe

  • Size

    378KB

  • Sample

    231006-znw4msab37

  • MD5

    9ea3cf4774af670dfd199a23238f5c63

  • SHA1

    3fca7f4d700320a2c8e1babc39b31f814b131d57

  • SHA256

    ce0ce7611859a7ccf000beb3aea5ee1c82c7078b358ead786808e6d22cdfeeef

  • SHA512

    facd743ed7f25055e97b0f14fe2caa30df05dbfa17a83e99efcfae8a8887baee4fe71eed138b55352951d81f8e7aada3b110b2367f1e892cbaef64b37db1fe17

  • SSDEEP

    6144:m42S092pCryG4kfjSGwEi56AOgGYh7+5bDSHKo5loxaaQ9LvXzq7wq+0D:m42p2wryNStYpx7lo49zX23D

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      NEAS.ce0ce7611859a7ccf000beb3aea5ee1c82c7078b358ead786808e6d22cdfeeef_JC.exe

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
