Overview

overview

10

Static

static

3

5c525e019f...1e.exe

windows7-x64

10

5c525e019f...1e.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    5c525e019f3a61bc92f270fbe5f1d3a6a87a9b0c200d50565e3ad46bfd1a181e

  • Size

    1016KB

  • Sample

    231011-krqcyacc8w

  • MD5

    f37b137c62a585afdacd627411c63092

  • SHA1

    ed36219ec5bc2d48b42f1d130a614755e82b9390

  • SHA256

    5c525e019f3a61bc92f270fbe5f1d3a6a87a9b0c200d50565e3ad46bfd1a181e

  • SHA512

    4995dc7433d107de5b02e0d56ba9c779b06805a55340077abcc01fab2a991f1d43760b3b4b6affc6b832c2eb78b2878791fc38defe1203d39b2354e08ddcb9a6

  • SSDEEP

    12288:c+fAoJYEBYDKzcx9jkmP8buy7/0RDMmZZxnyUuyyuAy76npc5/9:c6fYDKzcx9jkmP+/knxyN549

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      5c525e019f3a61bc92f270fbe5f1d3a6a87a9b0c200d50565e3ad46bfd1a181e

    • Size

      1016KB

    • MD5

      f37b137c62a585afdacd627411c63092

    • SHA1

      ed36219ec5bc2d48b42f1d130a614755e82b9390

    • SHA256

      5c525e019f3a61bc92f270fbe5f1d3a6a87a9b0c200d50565e3ad46bfd1a181e

    • SHA512

      4995dc7433d107de5b02e0d56ba9c779b06805a55340077abcc01fab2a991f1d43760b3b4b6affc6b832c2eb78b2878791fc38defe1203d39b2354e08ddcb9a6

    • SSDEEP

      12288:c+fAoJYEBYDKzcx9jkmP8buy7/0RDMmZZxnyUuyyuAy76npc5/9:c6fYDKzcx9jkmP+/knxyN549

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks