Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file

  • Size

    356KB

  • Sample

    231011-hkza6ahh84

  • MD5

    563ea0b001de039977dda41650318bf8

  • SHA1

    960334e5824882b27a5e3e73ae703b4de2ed0e02

  • SHA256

    885d6abe4ce4819b6ae96807220378f5b48496df0c2908e1965340465d77f77c

  • SHA512

    31e71d1e1105a171aa5a24297f686a2265c748b0391a0878bb8e6fdb7a6ae4d982725539455470db35a5669dacf33ce75ee40e07bb255767d75b6479446ae1e9

  • SSDEEP

    6144:diTeW/s5GqrO5aXnfEGIXWPvZAOPydefHB1fjcSVPx6t6mv6BCBD4FVs0BC+:RmcGqrOk86xJfHBVjPPx6t6mA0Ss0BC+

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      file

    • Size

      356KB

    • MD5

      563ea0b001de039977dda41650318bf8

    • SHA1

      960334e5824882b27a5e3e73ae703b4de2ed0e02

    • SHA256

      885d6abe4ce4819b6ae96807220378f5b48496df0c2908e1965340465d77f77c

    • SHA512

      31e71d1e1105a171aa5a24297f686a2265c748b0391a0878bb8e6fdb7a6ae4d982725539455470db35a5669dacf33ce75ee40e07bb255767d75b6479446ae1e9

    • SSDEEP

      6144:diTeW/s5GqrO5aXnfEGIXWPvZAOPydefHB1fjcSVPx6t6mv6BCBD4FVs0BC+:RmcGqrOk86xJfHBVjPPx6t6mA0Ss0BC+

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks