Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2Lb7257.exe

  • Size

    310KB

  • Sample

    231113-llf3racc85

  • MD5

    c42b3a6b724c2230d080a802a03abd54

  • SHA1

    a889280caafda2ca685808e4c9e42cb74bd3d797

  • SHA256

    0658884bba3968489435f5b6f9d47af0f187dcfece1b705793b1c1fadc38036e

  • SHA512

    15dd0ba3411d79cebff58afda833f17130171f1faacd6d81c935cf45f830cbe9a7bbf0ba12e4257821fb97fc7032a1f5e650c8740d1aa8f8e661595023af70b9

  • SSDEEP

    6144:aRJ4eu5tKKWAmo0876DK3ur/7IaUATo/GAqAQ3GDkh9NzL:aRJ4e6VeDK+fcATKGjf2Yh9Nv

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.43/loghub/master

Targets

    • Target

      2Lb7257.exe

    • Size

      310KB

    • MD5

      c42b3a6b724c2230d080a802a03abd54

    • SHA1

      a889280caafda2ca685808e4c9e42cb74bd3d797

    • SHA256

      0658884bba3968489435f5b6f9d47af0f187dcfece1b705793b1c1fadc38036e

    • SHA512

      15dd0ba3411d79cebff58afda833f17130171f1faacd6d81c935cf45f830cbe9a7bbf0ba12e4257821fb97fc7032a1f5e650c8740d1aa8f8e661595023af70b9

    • SSDEEP

      6144:aRJ4eu5tKKWAmo0876DK3ur/7IaUATo/GAqAQ3GDkh9NzL:aRJ4e6VeDK+fcATKGjf2Yh9Nv

    Score
    10/10
    mysticstealer

    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks