mystic | bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e | Triage

Submit
Reports

Overview

overview

Static

static

1

bd6809262e...3e.exe

windows7-x64

bd6809262e...3e.exe

windows10-2004-x64

Sharing

General

Target

bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e
Size

379KB
Sample

231011-pkmexsfb9z
MD5

e04d14cd921c4d462ddafc16c1cddee2
SHA1

5b110b7263ad4736fb8ddb35c731e16802e47ffe
SHA256

bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e
SHA512

2be3c3612236eee06d3645dc230fc947b8d53e8f2d57114cb03d82fafdb20f09720c1cd13101b2f3b68d34c15f8ce1056f3a357f57bf53a81581f37e63117945
SSDEEP

6144:HEAZcRgs3r9vIum2Tg0N63KAORXqfQVW98ngsr9AlK51Qtosg3F:HE5RP3r9HmebafYWarew1Qti3F

Score

10^/10

mystic stealer

Static task

static1

Behavioral task

behavioral1

Sample

bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e.exe

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

- Target
  
  bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e
- Size
  
  379KB
- MD5
  
  e04d14cd921c4d462ddafc16c1cddee2
- SHA1
  
  5b110b7263ad4736fb8ddb35c731e16802e47ffe
- SHA256
  
  bd6809262e18c2639efa48967d8764232fa9ba31dc97df2ed33f7c9fbfe0623e
- SHA512
  
  2be3c3612236eee06d3645dc230fc947b8d53e8f2d57114cb03d82fafdb20f09720c1cd13101b2f3b68d34c15f8ce1056f3a357f57bf53a81581f37e63117945
- SSDEEP
  
  6144:HEAZcRgs3r9vIum2Tg0N63KAORXqfQVW98ngsr9AlK51Qtosg3F:HE5RP3r9HmebafYWarew1Qti3F
Score

10^/10

mystic stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy