General

  • Target

    e62fe81a4d4bd11dc112c66fd18a736dd8cb6252c1bdf22ff62e09f2a537196a

  • Size

    197KB

  • Sample

    231011-lwdelsfa61

  • MD5

    132b75d9332113116380e2b5cee89753

  • SHA1

    47e2439390e29f5bd66bf41daa18f30973f79f41

  • SHA256

    766aeaa7d8a7d736f2f98ca0f932af162d2a107005a49579d6c0dcbaf6567a94

  • SHA512

    a9f48b5cb109df4c28c5c3831de52a2358c668836e11d67345931058af750d903acd048fbefdae6c20b2064e4e1aaf2a48587579a5c1c5b81b1961c21adb9f51

  • SSDEEP

    6144:qYQmH5FB14TqaN1ov3FtHm7RN+5mvmTgoZzes:jQmZ/+ejv1twqsvggDs

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      e62fe81a4d4bd11dc112c66fd18a736dd8cb6252c1bdf22ff62e09f2a537196a

    • Size

      346KB

    • MD5

      72e55ffb7ea5a7a1fb75c5c9de9b5481

    • SHA1

      cf21337d4f4d48cd5366b97c4f7c7e940bfe419b

    • SHA256

      e62fe81a4d4bd11dc112c66fd18a736dd8cb6252c1bdf22ff62e09f2a537196a

    • SHA512

      56913ff5607ac74fffbf3257a68faf10883754cb5936105039329f8648af8181e2b7a28ccf077d9c7fd13e6ab277e1aade81c1db4e848e62bad8a2a780d0af47

    • SSDEEP

      6144:2VCJljS9PgGzqLHvw1t6mAOZn4sHp4Wf953FOKcHGMTR1AVIMyhd4xb3XhYfOwh0:2V6S9PgGim8f6haOwJiKC

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
