Overview

overview

10

Static

static

3

ecf8793946...6d.exe

windows7-x64

10

ecf8793946...6d.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    ecf879394639be2b544d62d7b904223c106cb07bf0c5dc87429282b52a0ba86d

  • Size

    346KB

  • Sample

    231011-nqtkraec58

  • MD5

    0d4507df6c4f697f5c2e61dd574a55d3

  • SHA1

    2644c9b8da6a26510d8d38c586834f223c374e15

  • SHA256

    ecf879394639be2b544d62d7b904223c106cb07bf0c5dc87429282b52a0ba86d

  • SHA512

    f6e17885e5bd1b4fbca1827a0b189d0124c773d6443d2ce4a05601e0e6898b8822b22fef98bad85e34e45b75ddd798a80a3c20811867b5b7055f417776b0af9c

  • SSDEEP

    6144:7NCTljS9PgGzqLHvw1t6mAOfd5pBgepdWq+R0z4viKC:7NgS9PgGimf5pBgIWH5iKC

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      ecf879394639be2b544d62d7b904223c106cb07bf0c5dc87429282b52a0ba86d

    • Size

      346KB

    • MD5

      0d4507df6c4f697f5c2e61dd574a55d3

    • SHA1

      2644c9b8da6a26510d8d38c586834f223c374e15

    • SHA256

      ecf879394639be2b544d62d7b904223c106cb07bf0c5dc87429282b52a0ba86d

    • SHA512

      f6e17885e5bd1b4fbca1827a0b189d0124c773d6443d2ce4a05601e0e6898b8822b22fef98bad85e34e45b75ddd798a80a3c20811867b5b7055f417776b0af9c

    • SSDEEP

      6144:7NCTljS9PgGzqLHvw1t6mAOfd5pBgepdWq+R0z4viKC:7NgS9PgGimf5pBgIWH5iKC

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks