mystic | 8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f | Triage

Submit
Reports

Overview

overview

Static

static

3

8023330643...6f.exe

windows7-x64

8023330643...6f.exe

windows10-2004-x64

Sharing

General

Target

8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f
Size

356KB
Sample

231010-134byagf43
MD5

d912a3c69d8309f378e397b2ac216110
SHA1

0e81fb9744ca37b93399fe49e9af77d2c92f70ca
SHA256

8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f
SHA512

e9f1be71a0d5b8a8f3bb2356edaf7312f6b80d0f5a0af5f7e1e225484475e70edb3af8d45c1200401fabcde7423d5ce64d5cd9c9d9c75d7bcdbbca4d645e0a1f
SSDEEP

6144:P7TeW/s5GqrO5aXnfEGIXWPvZAOOy6ySahqL+PtR1yrInlDVs0BC+:GmcGqrOk86xUySahqL+P5ygs0BC+

Score

10^/10

mystic stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f.exe

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

- Target
  
  8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f
- Size
  
  356KB
- MD5
  
  d912a3c69d8309f378e397b2ac216110
- SHA1
  
  0e81fb9744ca37b93399fe49e9af77d2c92f70ca
- SHA256
  
  8023330643b3bc77149a549f571a6cf2d132a68176190fbbd58f745633e06e6f
- SHA512
  
  e9f1be71a0d5b8a8f3bb2356edaf7312f6b80d0f5a0af5f7e1e225484475e70edb3af8d45c1200401fabcde7423d5ce64d5cd9c9d9c75d7bcdbbca4d645e0a1f
- SSDEEP
  
  6144:P7TeW/s5GqrO5aXnfEGIXWPvZAOOy6ySahqL+PtR1yrInlDVs0BC+:GmcGqrOk86xUySahqL+P5ygs0BC+
Score

10^/10

mystic stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy