Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2AQ9373.exe

  • Size

    310KB

  • Sample

    231113-lgk6xabg9v

  • MD5

    2ea1fe5e48ff5e021b18c632d674cfd7

  • SHA1

    5d4f2c90048e5a04a3cef2f8045fe65f5a3464a7

  • SHA256

    189abcba819ada066ab0e305a49a6a95d4ae5f53e3f9fc62d1e0306d9398ec42

  • SHA512

    26f90d2c5c828e493049629cf5c67fc3f71eda78b364acbba666633907dc9aab9ccbb21b9ebf626f03cd188309b0336c0313c5222f31f26c3e07775d147936a9

  • SSDEEP

    6144:FRJ4eu5tKdffzjVOEaRLs46i2fNjKAyWqjNWsHffh9NzL:FRJ4e5fPV5aRLsBf1yxAuh9Nv

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.43/loghub/master

Targets

    • Target

      2AQ9373.exe

    • Size

      310KB

    • MD5

      2ea1fe5e48ff5e021b18c632d674cfd7

    • SHA1

      5d4f2c90048e5a04a3cef2f8045fe65f5a3464a7

    • SHA256

      189abcba819ada066ab0e305a49a6a95d4ae5f53e3f9fc62d1e0306d9398ec42

    • SHA512

      26f90d2c5c828e493049629cf5c67fc3f71eda78b364acbba666633907dc9aab9ccbb21b9ebf626f03cd188309b0336c0313c5222f31f26c3e07775d147936a9

    • SSDEEP

      6144:FRJ4eu5tKdffzjVOEaRLs46i2fNjKAyWqjNWsHffh9NzL:FRJ4e5fPV5aRLsBf1yxAuh9Nv

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks