Extracted

• • Target

    98568e60dd6aaa4e3bbfbf94d2b5aab06949a6ed4abae6a532d96b142408ea61

  • Size

    1017KB

  • MD5

    9ff109638c5a001829bdb07be04ad4a9

  • SHA1

    c51ce1cbf7a0fac879e50965467dce23fbdcc28c

  • SHA256

    98568e60dd6aaa4e3bbfbf94d2b5aab06949a6ed4abae6a532d96b142408ea61

  • SHA512

    830a960e75269d0fbaaecee7173a6b1ea154e4c461e25deef9bf9670ab823b694f39b6b8637d5181fecd0ac58db992586fb39d9ff6a65c19af1a969cc0bcad50

  • SSDEEP

    12288:kMrZy90VVFI/tCVY0IcQb3GwzFkp/9D0Fdv5S4eGc4K6jinwaG7C7FK7OW3uwT/o:lykef0rQiXplOrLV4WfODwUZ+j/VE

  Score

  10^/10

  mysticredlinekukishdiscoveryinfostealerpersistencestealer

  • Detect Mystic stealer payload

  • Mystic

    Mystic is an infostealer written in C++.

    stealermystic

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1