General

  • Target

    4edcbd529773206baaa7368a78a98e9cd982040411031b04042d234e13671a73

  • Size

    1.2MB

  • Sample

    231007-hvmecabh73

  • MD5

    abf421b05e06b74cb8fd859b888b2aea

  • SHA1

    eddfb20d024ee059124b920b2f91d16375dbb96f

  • SHA256

    4edcbd529773206baaa7368a78a98e9cd982040411031b04042d234e13671a73

  • SHA512

    47aefd1c3a2763f2a35daf5be7ff2d77af4b9095a429b226f49be9055bda404fab5c1172230585106335a6fff7a9a16404f8cf0edf4ed8da14086373024528f6

  • SSDEEP

    24576:QyY5SfnUKnEMhA2+9wLJs05EWq1j2lqj98dP:XWSf+MhJbuOEvkl0I

Malware Config

Targets

    • Target

      4edcbd529773206baaa7368a78a98e9cd982040411031b04042d234e13671a73

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
