General

  • Target

    e55cd557d651e570b2504ce4c3e1f4ba4cf376b5f4420fcc9fa77c2860405e86

  • Size

    1.2MB

  • Sample

    231007-fbyxxshb6x

  • MD5

    76c16f29118d04c063e007cd6897389c

  • SHA1

    e494cafb7a1f637c4475fb55c6f8e97f301f29d7

  • SHA256

    e55cd557d651e570b2504ce4c3e1f4ba4cf376b5f4420fcc9fa77c2860405e86

  • SHA512

    1069eddb8e073d883ce85ea788fcb4debc83c9efecc48d9a1ae0b4ece3ee805b0abf6d2246ebe8b44fd801f31648f9c59d5c08501acbdd0b8d5594817030aec9

  • SSDEEP

    24576:1yEvqzCCWv1AtF8Ol17au684y+CUTD4gVqZiJ6YGRs+TifsiQg0V0Ci:QEvqzCCKEF8pL8RMD7wZiMbTiEg

Targets

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
