General

  • Target

    b93b05beb12dcc8b24f033025d5259e181488a4df7ed33169f5db77eeeb0413c

  • Size

    1.2MB

  • Sample

    231007-ez63rsbd63

  • MD5

    545b27b16cae4aefc4348a7d42d8588c

  • SHA1

    a20ba280a3767b352add9ac5e24228d506248a46

  • SHA256

    b93b05beb12dcc8b24f033025d5259e181488a4df7ed33169f5db77eeeb0413c

  • SHA512

    2bef2372bd15a49e5949c5de2e9569560cdcf138f91f4bf94d642c73ca379a32f4491169bae15817d4759af254d2833d8a8aff3ca522f5d49cdd859866408924

  • SSDEEP

    24576:RyqUi7Q5qCIrR2yV9PI325Ta+u7jpKGnKIl1u6XVCkZwHGIUFXx:EqUi7Q56Rl9K252LVKG1Ludkimj

Malware Config

Targets


    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks