mystic | b35fc9c6756f9c8e376445fea763834955cd88f728657d3ede36a5b063567acd | Triage

Sharing

General

Target

df46912dec821ab1e3bba24bde4053d0N.exe
Size

574KB
Sample

240820-cclgfaxhrf
MD5

df46912dec821ab1e3bba24bde4053d0
SHA1

6e48c6b70704e916803b887686be66d458c952bf
SHA256

b35fc9c6756f9c8e376445fea763834955cd88f728657d3ede36a5b063567acd
SHA512

6658f24b1d6e19cf1ea62689f47d5e86901c620071770c357de0e2ce1a76e85db9e3910c00e7e2edeab81e1043eade9955dae7f2396ad3875ffcd30ead4a0d6e
SSDEEP

12288:9MrSy90bPOw+DFYZrOQb2iDp0DfyO6Z9nuFMYDHluA8gQ:TyplD6ZyQb2iD2byOE2RDLG

Score

10^/10

mystic discovery evasion persistence stealer trojan

Malware Config

Targets

- Target
  
  df46912dec821ab1e3bba24bde4053d0N.exe
- Size
  
  574KB
- MD5
  
  df46912dec821ab1e3bba24bde4053d0
- SHA1
  
  6e48c6b70704e916803b887686be66d458c952bf
- SHA256
  
  b35fc9c6756f9c8e376445fea763834955cd88f728657d3ede36a5b063567acd
- SHA512
  
  6658f24b1d6e19cf1ea62689f47d5e86901c620071770c357de0e2ce1a76e85db9e3910c00e7e2edeab81e1043eade9955dae7f2396ad3875ffcd30ead4a0d6e
- SSDEEP
  
  12288:9MrSy90bPOw+DFYZrOQb2iDp0DfyO6Z9nuFMYDHluA8gQ:TyplD6ZyQb2iD2byOE2RDLG
Score

10^/10

mystic discovery evasion persistence stealer trojan
- Detect Mystic stealer payload
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Mystic
  Mystic is an infostealer written in C++.
  stealer mystic
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mysticdiscoveryevasionpersistencestealertrojan