mystic | 12ceeab339c9f5c739fcc74d77971711040cf86466ec301448952c0c0ca314ed | Triage

Sharing

General

Target

12ceeab339c9f5c739fcc74d77971711040cf86466ec301448952c0c0ca314ed
Size

700KB
Sample

231012-hq9dbafa24
MD5

2699e44e641322f35f3844ade886a929
SHA1

42a8ca225c28c1dddc91cbe15ebc8c2fd69d377b
SHA256

12ceeab339c9f5c739fcc74d77971711040cf86466ec301448952c0c0ca314ed
SHA512

16a0f5692111f7382c4e95c85895d4b40d3981131b99ff6b56bdb01bf5a32f4cb1f0f249cd70ea204ff9e9a6544129f6a7aacc5a00e3590475a10c660399949b
SSDEEP

12288:mHXgFysVucQp1M/v2zZy/vpj+oyRhlkGUSwQh9e1r:Kg9x/vsLoIPUSwcK

Score

10^/10

mystic stealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

- Target
  
  12ceeab339c9f5c739fcc74d77971711040cf86466ec301448952c0c0ca314ed
- Size
  
  700KB
- MD5
  
  2699e44e641322f35f3844ade886a929
- SHA1
  
  42a8ca225c28c1dddc91cbe15ebc8c2fd69d377b
- SHA256
  
  12ceeab339c9f5c739fcc74d77971711040cf86466ec301448952c0c0ca314ed
- SHA512
  
  16a0f5692111f7382c4e95c85895d4b40d3981131b99ff6b56bdb01bf5a32f4cb1f0f249cd70ea204ff9e9a6544129f6a7aacc5a00e3590475a10c660399949b
- SSDEEP
  
  12288:mHXgFysVucQp1M/v2zZy/vpj+oyRhlkGUSwQh9e1r:Kg9x/vsLoIPUSwcK
Score

10^/10

mystic stealer
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2