Overview

overview

10

Static

static

1

NEAS.696f9...JC.exe

windows7-x64

10

NEAS.696f9...JC.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.696f9bb8d49eff7dec737f277ef084227623be0ad36beb595642042f29ec0dc8_JC.exe

  • Size

    378KB

  • Sample

    231007-phg3esca8t

  • MD5

    6bb5f10f255b146a3266264464c1ab2f

  • SHA1

    5ba21ea81c17b2b2311d235e321b74cd02915865

  • SHA256

    696f9bb8d49eff7dec737f277ef084227623be0ad36beb595642042f29ec0dc8

  • SHA512

    f61d0059ce0bca39833e358fd5a5e631d54ab23d6945c409e96961b9aa8ecc1377eb39fec448478270b4a27d23a649fd752363cc98fc9f285ca295e0df9688b1

  • SSDEEP

    6144:94zSU92pCryG4kfjSGwEi56AOxGlJTQSlxy6FShKEb2dYPXok0D:94zB2wryNSafzF6Kfdi4pD

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      NEAS.696f9bb8d49eff7dec737f277ef084227623be0ad36beb595642042f29ec0dc8_JC.exe

    • Size

      378KB

    • MD5

      6bb5f10f255b146a3266264464c1ab2f

    • SHA1

      5ba21ea81c17b2b2311d235e321b74cd02915865

    • SHA256

      696f9bb8d49eff7dec737f277ef084227623be0ad36beb595642042f29ec0dc8

    • SHA512

      f61d0059ce0bca39833e358fd5a5e631d54ab23d6945c409e96961b9aa8ecc1377eb39fec448478270b4a27d23a649fd752363cc98fc9f285ca295e0df9688b1

    • SSDEEP

      6144:94zSU92pCryG4kfjSGwEi56AOxGlJTQSlxy6FShKEb2dYPXok0D:94zB2wryNSafzF6Kfdi4pD

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks