mystic | 5f299e57dd42545fc9206709aff5322e37b8db20a1d14a405f68568e1e10fd75 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

11cH5851.exe
Size

276KB
Sample

231113-lg49sacc62
MD5

fb9ed224a492b165226df5ef47f07927
SHA1

def53d9291f9d13215750b43fb547dad5d3cc790
SHA256

5f299e57dd42545fc9206709aff5322e37b8db20a1d14a405f68568e1e10fd75
SHA512

e54067bbd3e582147b13c73de82157cc984cc3aac5696bf548b0d073b3ced6d67a5214dad426c702a12361f7b160d23945d038f20c48502e978fbe91a18136e8
SSDEEP

6144:nKWeIhzyZNGuI8kH88MQ/Z9FcsJba2pS9tZqIEl9sNwKH:nKWewypkH8DwZ9FcAQeIEmwK

Score

10^/10

mystic stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

11cH5851.exe

Resource

win7-20231023-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

11cH5851.exe

Resource

win10-20231020-en

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.43/loghub/master

Targets

- Target
  
  11cH5851.exe
- Size
  
  276KB
- MD5
  
  fb9ed224a492b165226df5ef47f07927
- SHA1
  
  def53d9291f9d13215750b43fb547dad5d3cc790
- SHA256
  
  5f299e57dd42545fc9206709aff5322e37b8db20a1d14a405f68568e1e10fd75
- SHA512
  
  e54067bbd3e582147b13c73de82157cc984cc3aac5696bf548b0d073b3ced6d67a5214dad426c702a12361f7b160d23945d038f20c48502e978fbe91a18136e8
- SSDEEP
  
  6144:nKWeIhzyZNGuI8kH88MQ/Z9FcsJba2pS9tZqIEl9sNwKH:nKWewypkH8DwZ9FcAQeIEmwK
Score

10^/10

mystic stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy