General
-
Target
11VM9042.exe
-
Size
276KB
-
Sample
231113-llbg9sbh4w
-
MD5
78e13c8f3933b9fb74ce374c60fb45f9
-
SHA1
db58438f6f323582424115638c8d36a87838c7d9
-
SHA256
2317990f937e8d57b44551d08e2a4d0502fe19aff1bf0f7ed29aafe1df26bb33
-
SHA512
76e31c4144064b7b340fa8c2f26d2c5ffe3685ae81a49ee76010e76e72c205adefa8134699e983f520deb87ff1fe324b9de4e0518c14607ca92ae2a60966d70c
-
SSDEEP
6144:lKWeIhzyZNGucV2V+SsjPLyzC5rmcPMpQPEK+bmLagLKH:lKWewyk2V+LDkumcPMyM3bmLhLK
Malware Config
Extracted
mystic
http://5.42.92.43/loghub/master
Targets
-
-
Target
11VM9042.exe
-
Size
276KB
-
MD5
78e13c8f3933b9fb74ce374c60fb45f9
-
SHA1
db58438f6f323582424115638c8d36a87838c7d9
-
SHA256
2317990f937e8d57b44551d08e2a4d0502fe19aff1bf0f7ed29aafe1df26bb33
-
SHA512
76e31c4144064b7b340fa8c2f26d2c5ffe3685ae81a49ee76010e76e72c205adefa8134699e983f520deb87ff1fe324b9de4e0518c14607ca92ae2a60966d70c
-
SSDEEP
6144:lKWeIhzyZNGucV2V+SsjPLyzC5rmcPMpQPEK+bmLagLKH:lKWewyk2V+LDkumcPMyM3bmLhLK
Score10/10-
Detect Mystic stealer payload
-
Mystic
Mystic is an infostealer written in C++.
-
Suspicious use of SetThreadContext
-