Overview

overview

10

Static

static

3

933ef839a5...55.exe

windows7-x64

10

933ef839a5...55.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    933ef839a5d23d482dc31264f665b7c00edece81640ffa0ba0621c714c267555

  • Size

    848KB

  • Sample

    231010-z6nj8abf31

  • MD5

    4894a8dae3964b1a648b585a0a9dab4a

  • SHA1

    65f0a461003508d18fafe4d9692f866191fb5f73

  • SHA256

    933ef839a5d23d482dc31264f665b7c00edece81640ffa0ba0621c714c267555

  • SHA512

    898be57f574071149b88f97366705007b1f6ea40a8e173ff08ffc40bdb019c67efc33cdb054eb387980f1a5c30f74642720849021853d5bc8ca73fd5a2249c7f

  • SSDEEP

    12288:kMr2y9046GLQbmTB7B4ehWcciSyCOySTwFhKM9/1nhLGSFCjGlOvZxoWiBlsDQh/:CyYwZB4UW7in9mt/1hlCsOgWivhyI

Score
10/10
mysticpersistencestealer

Malware Config

Targets

    • Target

      933ef839a5d23d482dc31264f665b7c00edece81640ffa0ba0621c714c267555

    • Size

      848KB

    • MD5

      4894a8dae3964b1a648b585a0a9dab4a

    • SHA1

      65f0a461003508d18fafe4d9692f866191fb5f73

    • SHA256

      933ef839a5d23d482dc31264f665b7c00edece81640ffa0ba0621c714c267555

    • SHA512

      898be57f574071149b88f97366705007b1f6ea40a8e173ff08ffc40bdb019c67efc33cdb054eb387980f1a5c30f74642720849021853d5bc8ca73fd5a2249c7f

    • SSDEEP

      12288:kMr2y9046GLQbmTB7B4ehWcciSyCOySTwFhKM9/1nhLGSFCjGlOvZxoWiBlsDQh/:CyYwZB4UW7in9mt/1hlCsOgWivhyI

    Score
    10/10
    mysticpersistencestealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks