mystic | 3aaa0e01f23024591c84cd1393453bcbaa92e87043ee1233d263808cdf897a88 | Triage

Submit
Reports

Overview

overview

Static

static

3

864800f974...69.exe

windows10-2004-x64

Sharing

General

Target

ad217868ca3748bb09059de2833fdc0f.bin
Size

1.2MB
Sample

231113-c9z14afh8v
MD5

637cff186b6c9c438c646894451dc10b
SHA1

857b508bbc834861cea449ec3483f832b7177868
SHA256

3aaa0e01f23024591c84cd1393453bcbaa92e87043ee1233d263808cdf897a88
SHA512

886f2d405cfecb4807cd06886aad5ee95a9ec997e653f82529121cb1d6294825b842924d22c621417462733e65c846fbea76727df9cdcc2e73a494f84c2be4cf
SSDEEP

24576:pbq6hb6v5PNca0LD9cdyo0aheVZec4uJLZHPf:px9EVOL0yofc4uJLZf

Score

10^/10

mystic redline taiga infostealer persistence stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

864800f97463762e22ebb976c3b3cf8c54f869b5f8cc88d116280cec9088c169.exe

Resource

win10v2004-20231023-en

mystic redline taiga infostealer persistence stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

taiga

C2

5.42.92.51:19057

Targets

- Target
  
  864800f97463762e22ebb976c3b3cf8c54f869b5f8cc88d116280cec9088c169.exe
- Size
  
  1.3MB
- MD5
  
  ad217868ca3748bb09059de2833fdc0f
- SHA1
  
  64fb98b5c6a635351f8d9373c8de9a671eef6ff3
- SHA256
  
  864800f97463762e22ebb976c3b3cf8c54f869b5f8cc88d116280cec9088c169
- SHA512
  
  4f4c21c9b2608bafdf9427881a95cbb9a5b345f9e9ba629f201aa474ce678524814bef71b88233a7eebbcebe2756ac2b2617fe7153197ed298c8d33e55a0391b
- SSDEEP
  
  24576:Pyd+m+Bis2HFaeUIsmCsGMYUDruT3synTxMc4ZiOjXLvTZ6r6bN:ad+9HKQezhVG2//yTxMjZZbS6b
Score

10^/10

mystic redline taiga infostealer persistence stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
  persistence
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticredlinetaigainfostealerpersistencestealer

© 2018-2025

Terms | Privacy