General

  • Target

    bfa2583daa3c0e78f367e28f1638d130eef29ad911b916ece869f3954855c5e2

  • Size

    211KB

  • Sample

    231011-yjvjksbc59

  • MD5

    616b9b285ea66ed8635b43aa9c1ecb7d

  • SHA1

    8afa531234bc687ce2e62232312ad7b54a0c90bd

  • SHA256

    c06842b9b6d515efcc6f0baa3bb08349e7bc41de6fec462770468c82dbb3e6d9

  • SHA512

    124d4bad72f0af2b64f4015d3b412761659ee76d0040016b10481cd087b0292eb936b24773482d3f760900b2b3f638eb3296a61056eaa64ec531c50699d4bb02

  • SSDEEP

    3072:03Y0Fx/2LOZR/15ujd/TBAZC0GuwonyM1q/6EfYIyxu3cXxoQI6tBJ8U+Zd2L3:0d2LSRtkrBWC0j5gHfRmoKBZ+HC3

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      bfa2583daa3c0e78f367e28f1638d130eef29ad911b916ece869f3954855c5e2

    • Size

      380KB

    • MD5

      2138347d41f1d36a98da4dab086bca7c

    • SHA1

      d6b92582a86876414acec4d9035394bd8f992f67

    • SHA256

      bfa2583daa3c0e78f367e28f1638d130eef29ad911b916ece869f3954855c5e2

    • SHA512

      eafb3b89eb2e7c681f310afdfcdd473ecbc51e93539f68782a6c09af2044a3bb79d6888a20b77225c4512f354a66d07fa0b8a345eb0efb77490e50536906a5f4

    • SSDEEP

      6144:plPchHX110KwTVSf3pOCq5b6uAO9S4HsVhbkkpKRjv1l5lrUpa4+PT29qwm:plPi3110dVaUcuLPEhHKdTrUparyMwm

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext

      SetThreadContext is commonly used by loaders to redirect the entry point of a suspended thread after writing a payload into the target process (process hollowing or a similar injection technique). Its presence alongside the extracted 380KB payload is consistent with the 211KB sample acting as a loader for Mystic.
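The indicators in this report (the hashes of the 211KB submitted sample and the 380KB extracted payload, and the C2 URL) are the part a responder actually reuses. The script below is an added example, not part of the sandbox report, that turns them into a simple hunt: it hashes files on disk and compares them against the report's MD5/SHA1/SHA256 values, and it scans proxy log lines for traffic to the Mystic C2 host, distinguishing an exact hit on the /loghub/master endpoint from other traffic to the same host. The proxy log format and the sample lines are constructed for the example.

```python
import hashlib
import re
from pathlib import Path
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# File hashes taken from the report: the submitted sample and the extracted payload.
IOC_HASHES = {
    "md5": {
        "616b9b285ea66ed8635b43aa9c1ecb7d": "submitted sample (211KB)",
        "2138347d41f1d36a98da4dab086bca7c": "extracted Mystic payload (380KB)",
    },
    "sha1": {
        "8afa531234bc687ce2e62232312ad7b54a0c90bd": "submitted sample (211KB)",
        "d6b92582a86876414acec4d9035394bd8f992f67": "extracted Mystic payload (380KB)",
    },
    "sha256": {
        "c06842b9b6d515efcc6f0baa3bb08349e7bc41de6fec462770468c82dbb3e6d9": "submitted sample (211KB)",
        "bfa2583daa3c0e78f367e28f1638d130eef29ad911b916ece869f3954855c5e2": "extracted Mystic payload (380KB)",
    },
}

# C2 from the extracted config: http://5.42.92.211/loghub/master
C2_HOST = "5.42.92.211"
C2_PATH = "/loghub/master"


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Return md5/sha1/sha256 hex digests of an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def hash_file(path: Path) -> Dict[str, str]:
    """Compute md5/sha1/sha256 of a file in a single pass over its contents."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_hashes(digests: Dict[str, str]) -> List[str]:
    """Return a label for every report IOC the given digests match, across all algorithms."""
    hits = []
    for algo, value in digests.items():
        label = IOC_HASHES.get(algo, {}).get(value.lower())
        if label:
            hits.append(f"{algo}:{label}")
    return hits


# Constructed proxy log format (assumption for this example): "<timestamp> <client-ip> <method> <url> <status>"
PROXY_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)")


def match_c2(line: str) -> Optional[Dict[str, object]]:
    """Flag a proxy log line if its destination host is the Mystic C2.

    Any traffic to the host is reported; endpoint_match records whether the path is
    the known /loghub/master beacon endpoint. Port differences are ignored on purpose,
    since urlsplit().hostname strips the port.
    """
    m = PROXY_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("url"))
    if url.hostname != C2_HOST:
        return None
    return {
        "ts": m.group("ts"),
        "src": m.group("src"),
        "url": m.group("url"),
        "endpoint_match": url.path == C2_PATH,
    }


def scan_proxy_log(text: str) -> List[Dict[str, object]]:
    """Run match_c2 over every line of a proxy log and collect the hits."""
    return [hit for hit in map(match_c2, text.splitlines()) if hit]


# Constructed sample log lines: one benign request, one exact C2 beacon, one request
# to the C2 host on a different port and path.
PROXY_LOG = """\
2023-10-11T14:02:11Z 10.0.0.5 GET http://example.com/index.html 200
2023-10-11T14:02:19Z 10.0.0.5 POST http://5.42.92.211/loghub/master 200
2023-10-11T14:03:01Z 10.0.0.9 GET http://5.42.92.211:8080/other 404
"""

if __name__ == "__main__":
    import sys
    for hit in scan_proxy_log(PROXY_LOG):
        print("C2 traffic:", hit)
    for arg in sys.argv[1:]:  # optional: paths of files to hash against the report IOCs
        print(arg, match_hashes(hash_file(Path(arg))) or "no match")
```

Treat a host-only hit as worth triage as well: the path in the extracted config is the endpoint this sample was configured with, but other samples from the same operator may use a different path on the same server.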

MITRE ATT&CK Matrix

Tasks