mystic | df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

df747e2640...5a.exe

windows7-x64

df747e2640...5a.exe

windows10-2004-x64

Sharing

General

Target

df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a
Size

358KB
Sample

231013-zkt5wabe87
MD5

a4f9d6afc3865f268eca6cf7171e8112
SHA1

b70e20ba1d854fd35ffa54a717718d4cce0d1777
SHA256

df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a
SHA512

c0eb4de36e3e28a451a18d789b7a986b9a4d099c7e60adc14312905cb780bd0850d2f7e86ead1ffd7d62effb89370d9f832e3013e604a039d44ef6ebc58b72a7
SSDEEP

6144:2/2XR/bOEHHkwxOSeyCKrJz4AO5e7nJQ7Tx11D4dWxm/caB48fi:i2X1aEHEw94XeQx1F4b/o8fi

Score

10^/10

mystic stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a.exe

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a
- Size
  
  358KB
- MD5
  
  a4f9d6afc3865f268eca6cf7171e8112
- SHA1
  
  b70e20ba1d854fd35ffa54a717718d4cce0d1777
- SHA256
  
  df747e2640e274af12194326bc11b5c811f625766fb0cb563905bd5b8945055a
- SHA512
  
  c0eb4de36e3e28a451a18d789b7a986b9a4d099c7e60adc14312905cb780bd0850d2f7e86ead1ffd7d62effb89370d9f832e3013e604a039d44ef6ebc58b72a7
- SSDEEP
  
  6144:2/2XR/bOEHHkwxOSeyCKrJz4AO5e7nJQ7Tx11D4dWxm/caB48fi:i2X1aEHEw94XeQx1F4b/o8fi
Score

10^/10

mystic stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy