mystic | 8f79bc43c15368c61c23f56528eb9f7d0db644af472e0ca8ed58256491c71800 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

8abe67f3fa...f9.exe

windows10-2004-x64

Sharing

General

Target

8f79bc43c15368c61c23f56528eb9f7d0db644af472e0ca8ed58256491c71800
Size

479KB
Sample

240417-qcewjsab2s
MD5

e0e69e23cdcdc31c9f9abeae445db55f
SHA1

8bbfd28076bb68e74fd3fb01751ccdc62a1e9647
SHA256

8f79bc43c15368c61c23f56528eb9f7d0db644af472e0ca8ed58256491c71800
SHA512

65bc29eaea1952048a46741cd654ae62d4280ded62300402af66139c470d331fdaeb0187facbd609482bbb4aa0b2610cf40add06bcbcdeb8f55685600aee33fc
SSDEEP

12288:BPhfRNaNoIBCSdsetlS2WJYEDXoFVmSNaEPwsUM11Q5jF3L:eoI9dZS2unsFVZNaEPwsbyVhL

Score

10^/10

mystic evasion persistence stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8abe67f3fa19414604fbb2a1510012895dbf0e89c55c9ff8d1a156b868ee9bf9.exe

Resource

win10v2004-20240412-en

mystic evasion persistence stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  8abe67f3fa19414604fbb2a1510012895dbf0e89c55c9ff8d1a156b868ee9bf9.exe
- Size
  
  523KB
- MD5
  
  dcee3487134de31384cc480650d0b872
- SHA1
  
  728aac232b591c08d2a0a727a5024afdb17f3b56
- SHA256
  
  8abe67f3fa19414604fbb2a1510012895dbf0e89c55c9ff8d1a156b868ee9bf9
- SHA512
  
  dd0751578f48b5a2e6931c31865c235f464fb3d6fe4bdbd8389ab9d8429b0ffb69205773b276dc930ab1dc672fe7ed724559bdb4a1896ba26bc9cd3b74570399
- SSDEEP
  
  12288:4Mr8y900yOk63JeBswLMA9Kyzr7Hx/XupZF7:UyMx0eB0Ryzr7Hx/XupZF7
Score

10^/10

mystic evasion persistence stealer trojan
- Detect Mystic stealer payload
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticevasionpersistencestealertrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.