Overview

overview

10

Static

static

1

7a4a8f886d...b1.exe

windows7-x64

10

7a4a8f886d...b1.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    7a4a8f886ddbe50cca6e9b5a46cebf8115885bc97fcb17c4c4848c2fe35d67b1

  • Size

    380KB

  • Sample

    231011-yvp38sac6s

  • MD5

    abb81c926b3433298888595b40cc5646

  • SHA1

    b15e11dee4724da417c8f12fdd69a9c1e6d462b3

  • SHA256

    7a4a8f886ddbe50cca6e9b5a46cebf8115885bc97fcb17c4c4848c2fe35d67b1

  • SHA512

    00712b4fd7b99e8a5949f7dabc60bd59a992411b45186ad6d62c91a550ad1abee430862981d7373f7fd868d6a9c0fe5d34679035eec50ad96c73bce95851fea1

  • SSDEEP

    6144:glPCcA+110KwTVSf3pOCq5btuAOIDpfI9o36BQc+c35ZYWyvcwB06aWw2:glPZh110dVaUzueNAe3gQc+c35ZYWyvZ

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      7a4a8f886ddbe50cca6e9b5a46cebf8115885bc97fcb17c4c4848c2fe35d67b1

    • Size

      380KB

    • MD5

      abb81c926b3433298888595b40cc5646

    • SHA1

      b15e11dee4724da417c8f12fdd69a9c1e6d462b3

    • SHA256

      7a4a8f886ddbe50cca6e9b5a46cebf8115885bc97fcb17c4c4848c2fe35d67b1

    • SHA512

      00712b4fd7b99e8a5949f7dabc60bd59a992411b45186ad6d62c91a550ad1abee430862981d7373f7fd868d6a9c0fe5d34679035eec50ad96c73bce95851fea1

    • SSDEEP

      6144:glPCcA+110KwTVSf3pOCq5btuAOIDpfI9o36BQc+c35ZYWyvcwB06aWw2:glPZh110dVaUzueNAe3gQc+c35ZYWyvZ

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks