General

  • Target: 9cb0e46ddf8eb2316a08898f452d51ba6f952df7de828b4b5a83624db9d47d51
  • Size: 370KB
  • Sample: 231011-hrjt2sgd5z
  • MD5: 7eca21eb646ded502d90aa847fcbbd54
  • SHA1: 83bd31003db0f5aa3f91d8ce916ee1d502226c2c
  • SHA256: d962f4a088d03401da2e67f159569e79ffb03be727eec7deefedc2fa76e6a505
  • SHA512: a66596d1a389d1735db987ac7f22031b3e511d2e25a9a8e2d8a34f07e86c2787de5d4e9e03fe5e357daac3226afa3bd56d7fd1528ebbc1088df4a89953835ee1
  • SSDEEP: 6144:F48YJwTylp7H+62my32XrAwJVEfgxpETgk7K2WcaTpMkxoKix6SWL:F4XJwu7jt2tmXrxVYgjE8kmyaTpyKyy

Score: 10/10

Malware Config

Extracted

  • Family: mystic
  • C2: http://5.42.92.211/loghub/master

Targets

    • Target: 9cb0e46ddf8eb2316a08898f452d51ba6f952df7de828b4b5a83624db9d47d51
    • Size: 1016KB
    • MD5: acff043c5c92363b1da7de6d4588a687
    • SHA1: 1ec1adbb7c48a8a4ae9d93db22a8fb00068bbb9c
    • SHA256: 9cb0e46ddf8eb2316a08898f452d51ba6f952df7de828b4b5a83624db9d47d51
    • SHA512: e2e384cfd3428d3f98da98d95b311c87fc73009954648a406c5fb502f181d46c667c90aedfbe535313e20503b16da9849d2e79b26c4486a890bae8fd2067af24
    • SSDEEP: 12288:z+hAo/YSBYDKzcx9jkmP8bey7/0RDMmZZxnyUuyyuMTZA/ZabWeFQ/9:zCJYDKzcx9jkmPe/knxy5A/Zm/u9

    Score: 10/10

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks