mystic | 784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

General

Target

784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1
Size

373KB
Sample

231112-njzs7afa2t
MD5

f8b53c2664c93a0875061a7b0d9f7e2b
SHA1

f5eccfc49ab420740531f003bffce52fb69b6e5d
SHA256

784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1
SHA512

f57510e936b6cf4573fd41dd26131a5e5f2ba28ba9141f71c55318813a38b2679bee7027d715e6d32566468c8d2d4717061a43d444e131d18592c86455ab1600
SSDEEP

6144:KWy+bnr+5p0yN90QElsDyn3LPdTcX9azZI14kShSgf8wnZzfgJvUpp:iMrpy90vycLPdINaS4kShSs8wnZEJvUv

Score

10^/10

mystic redline taiga infostealer persistence stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1.exe

Resource

win10-20231020-en

mystic redline taiga infostealer persistence stealer

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

taiga

C2

5.42.92.51:19057

Targets

- Target
  
  784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1
- Size
  
  373KB
- MD5
  
  f8b53c2664c93a0875061a7b0d9f7e2b
- SHA1
  
  f5eccfc49ab420740531f003bffce52fb69b6e5d
- SHA256
  
  784f1268c3dafe53accc3b0d51278b52af4e82b9366c89e3305725e2a7e701c1
- SHA512
  
  f57510e936b6cf4573fd41dd26131a5e5f2ba28ba9141f71c55318813a38b2679bee7027d715e6d32566468c8d2d4717061a43d444e131d18592c86455ab1600
- SSDEEP
  
  6144:KWy+bnr+5p0yN90QElsDyn3LPdTcX9azZI14kShSgf8wnZzfgJvUpp:iMrpy90vycLPdINaS4kShSs8wnZEJvUv
Score

10^/10

mystic redline taiga infostealer persistence stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticredlinetaigainfostealerpersistencestealer

© 2018-2025

Terms | Privacy