Extracted

• • Target

    f414d222ed8a741f09e628ea177621bb850e440941fa4f6d54e81f3211d1c604.exe

  • Size

    919KB

  • MD5

    909182a4ae4d0aff248ce1cc77ea5004

  • SHA1

    3b2aa06940d541492fd19893adfcc7628d512cbd

  • SHA256

    f414d222ed8a741f09e628ea177621bb850e440941fa4f6d54e81f3211d1c604

  • SHA512

    e6ef3a49f2a832a7817c1d074d83508e38f964f26a70f11775fa1a2ee2e943ca4ea6d52393b472bc1a96294672fbf02fc5ec3547092667bca4f7c296bfddc2e5

  • SSDEEP

    24576:GyphPYaeuIsuC/GRLYDb/21Ka1rSRrSwY:VpetZEGK/u1zS

  Score

  10^/10

  mysticredlinetaigainfostealerpersistencestealer

  • Detect Mystic stealer payload

  • Mystic

    Mystic is an infostealer written in C++.

    stealermystic

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  behavioral1