Analysis
max time kernel: 97s
max time network: 131s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted: 21-01-2024 22:39
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.PWS.Stealer.37347.3977.exe
Resource: win7-20231215-en
2 signatures
150 seconds
General
Target: SecuriteInfo.com.Trojan.PWS.Stealer.37347.3977.exe
Size: 1.7MB
MD5: a7e4e478fbf4a1ff9a1be70ee8afd190
SHA1: 51f3d2658fd02b20979947a643ed1c1f66892ee8
SHA256: 9bdb51905b1eac04722007ffcc4a86f1bd84b618ca2610580e01acd21b98cdcb
SHA512: 832dee9f05692b8b32c8c675572fea4e3c3a40e4626a176941a8f589a4c39affc3d3494af32cd2b80aa7de97bfefe2d86c48211f0647bf429f94ca1540702039
SSDEEP: 24576:+yZ64ndor0y8cvUfoPch+t62fXWbRTfZOwgh:1M8cxt6xNa
Malware Config
Signatures
Detect Mystic stealer payload (2 IoCs)
Processes:
resource    yara_rule
behavioral2/memory/4440-1-0x0000000000F40000-0x0000000000F68000-memory.dmp    mystic_family
behavioral2/memory/4440-3-0x0000000000F40000-0x0000000000F68000-memory.dmp    mystic_family
Downloads
memory/4440-0-0x0000000000F70000-0x00000000011B6000-memory.dmp    Filesize: 2.3MB
memory/4440-1-0x0000000000F40000-0x0000000000F68000-memory.dmp    Filesize: 160KB
memory/4440-2-0x0000000000F70000-0x00000000011B6000-memory.dmp    Filesize: 2.3MB
memory/4440-3-0x0000000000F40000-0x0000000000F68000-memory.dmp    Filesize: 160KB