mystic | b38c7c31710728bb12b0caa6846e0554b0861ffc6b4730584bfffa041b92e6b6 | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

winprofile

windows10-1703-x64

7

Sharing

General

Target

aM8tP31.exe
Size

658KB
Sample

231113-lkjggscc76
MD5

1e9dc058e5cd7b0d8c9c52b0944a00e9
SHA1

5b906eb956a52c5cb1bc0b62a060cb8bbb6318f5
SHA256

b38c7c31710728bb12b0caa6846e0554b0861ffc6b4730584bfffa041b92e6b6
SHA512

c94a7a403437bbaa518ec9bb2dc58c4d87382e01277d0f846d53381207ad435d6a06ddce47162545d5f35c397845abd32ba604aff585f004426c9b349020b45a
SSDEEP

12288:HMrey90l0NA0H7Gae/4IC50pCCHGN0PLvYMXiYQbDL6Es4yI7DKfHfGoi:Fy6iaaewIsgCQGIgYDKT/yf/Gj

Score

10^/10

mystic google paypal persistence phishing stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aM8tP31.exe

Resource

win7-20231020-en

mystic google paypal persistence phishing stealer

windows7-x64

15 signatures

300 seconds

Behavioral task

behavioral2

Sample

aM8tP31.exe

Resource

win10-20231023-en

windows10-1703-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  aM8tP31.exe
- Size
  
  658KB
- MD5
  
  1e9dc058e5cd7b0d8c9c52b0944a00e9
- SHA1
  
  5b906eb956a52c5cb1bc0b62a060cb8bbb6318f5
- SHA256
  
  b38c7c31710728bb12b0caa6846e0554b0861ffc6b4730584bfffa041b92e6b6
- SHA512
  
  c94a7a403437bbaa518ec9bb2dc58c4d87382e01277d0f846d53381207ad435d6a06ddce47162545d5f35c397845abd32ba604aff585f004426c9b349020b45a
- SSDEEP
  
  12288:HMrey90l0NA0H7Gae/4IC50pCCHGN0PLvYMXiYQbDL6Es4yI7DKfHfGoi:Fy6iaaewIsgCQGIgYDKT/yf/Gj
Score

10^/10

mystic google paypal persistence phishing stealer
- Detect Mystic stealer payload
- Detected google phishing page
  phishing google
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Detected potential entity reuse from brand paypal.
  phishing paypal
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticgooglepaypalpersistencephishingstealer

behavioral2

© 2018-2025

Terms | Privacy