mystic | 937c24c7bc8f644e736aeff6cbd1215b0092f22b786ae9bff4c04df71f7b637a | Triage

Submit
Reports

Overview

overview

Static

static

3

SecuriteIn...67.exe

windows7-x64

1

SecuriteIn...67.exe

windows10-2004-x64

Sharing

General

Target

SecuriteInfo.com.Variant.Lazy.405958.21084.18767.exe
Size

728KB
Sample

231121-sp6k5sga4x
MD5

54f5a88e40b41b5d088d6dda06295b4e
SHA1

ac93c88fd247fa7e5b9fadf1a89da8340722f1ec
SHA256

937c24c7bc8f644e736aeff6cbd1215b0092f22b786ae9bff4c04df71f7b637a
SHA512

7b1fd7f02825cd1ea02ae8eba17faafea88e987e281c5995c123be4aa9e7a375841341b27443749aac8a1edd56ce7814e0eac73c3204a502b42bbaeb25dd9cdc
SSDEEP

12288:+0B83HMvElpIYHQUtGGWs888888888888W88888888888qz36f9b6daPOytpSn:PqHCElpIYHQUtGGWdU9b6d0t

Score

10^/10

mystic spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Variant.Lazy.405958.21084.18767.exe

Resource

win7-20231025-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Variant.Lazy.405958.21084.18767.exe

Resource

win10v2004-20231023-en

mystic spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

mystic

C2

http://5.42.64.20/loghub/master

Targets

- Target
  
  SecuriteInfo.com.Variant.Lazy.405958.21084.18767.exe
- Size
  
  728KB
- MD5
  
  54f5a88e40b41b5d088d6dda06295b4e
- SHA1
  
  ac93c88fd247fa7e5b9fadf1a89da8340722f1ec
- SHA256
  
  937c24c7bc8f644e736aeff6cbd1215b0092f22b786ae9bff4c04df71f7b637a
- SHA512
  
  7b1fd7f02825cd1ea02ae8eba17faafea88e987e281c5995c123be4aa9e7a375841341b27443749aac8a1edd56ce7814e0eac73c3204a502b42bbaeb25dd9cdc
- SSDEEP
  
  12288:+0B83HMvElpIYHQUtGGWs888888888888W88888888888qz36f9b6daPOytpSn:PqHCElpIYHQUtGGWdU9b6d0t
Score

10^/10

mystic spyware stealer
- Detect Mystic stealer payload
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

mysticspywarestealer

© 2018-2024

Terms | Privacy