mystic | 97575dcd78873b78e7b67cbab00b22577a88400fdb3a77895b863e71d756b329 | Triage

Submit
Reports

Overview

overview

Static

static

3

96968eb743...e0.exe

windows10-2004-x64

Sharing

General

Target

ba1d6c925ec0867f51a06eb45f780f65.bin
Size

1.2MB
Sample

231113-dhtknsgb6v
MD5

a0f7cfff48af701a2be346ee32324276
SHA1

771b26b6a40554ab19247e6afe64a5106e5e82c2
SHA256

97575dcd78873b78e7b67cbab00b22577a88400fdb3a77895b863e71d756b329
SHA512

53482b33be1e82999a1f77d32efa56ba8f49de55a7bab945f90b0749a70270d60b545359c391a038a21b00f725e0e7cdef4f859cf71b7876d595d392dd219df4
SSDEEP

24576:9Pfaa62sbLyZN5Zz68HCLAeS3qP1qgFsEtlC+Z1fIMN6mxVbVuMHSdwQtclRAOf:1Cbbk5U8iZh1nmE/fI0xdVugLEcgOf

Score

10^/10

mystic redline taiga infostealer persistence stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

96968eb7438ab298fb5c8dd0b46b2e10a77ed78eb2a54c891b40da4da4a3b9e0.exe

Resource

win10v2004-20231023-en

mystic redline taiga infostealer persistence stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

taiga

C2

5.42.92.51:19057

Targets

- Target
  
  96968eb7438ab298fb5c8dd0b46b2e10a77ed78eb2a54c891b40da4da4a3b9e0.exe
- Size
  
  1.3MB
- MD5
  
  ba1d6c925ec0867f51a06eb45f780f65
- SHA1
  
  8739f0e00cabe3fee69ce50561b716c701038177
- SHA256
  
  96968eb7438ab298fb5c8dd0b46b2e10a77ed78eb2a54c891b40da4da4a3b9e0
- SHA512
  
  dc627b7c2f4273c7c5dc7d1721f0b4fa766ca732831ea641d605ae8b2ea9f1b0f2ec13f302ee30c8cbdb2c16d015f3486d45024e636bc3c08e331ec7cacba899
- SSDEEP
  
  24576:dy5443gK+dy+ae5IsZC3GRW1DeUZf1R917qiIvQ75BxdVocaM:4aEgEHeiq+G4Pp17zLtBKc
Score

10^/10

mystic redline taiga infostealer persistence stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
  persistence
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticredlinetaigainfostealerpersistencestealer

© 2018-2025

Terms | Privacy