General
-
Target
0d3a1f37d96052882a2cc2a8bd97e2b7ff3a244b120c62d03175ef09df7f9660N
-
Size
336KB
-
Sample
241110-shq7wasmcn
-
MD5
e973033afc5ac7c33b4a076a1d6e4170
-
SHA1
bd09f28d273a8829dbe634a05bf5ccb9d0afe8ff
-
SHA256
0d3a1f37d96052882a2cc2a8bd97e2b7ff3a244b120c62d03175ef09df7f9660
-
SHA512
4037e6292e0d069eaf8bdc4904f3323593b45a13aa59dc2bd2a10ee58fd1b223f34d28a13347f2158754a63901da81a1bba751faf8ee54eb87fded19c9e90fe1
-
SSDEEP
6144:Khy+bnr+Cp0yN90QEZufdeKN6Dafd7WW3jckHGqk5UzYLTsuunjfhRsHaYy:rMryy90vwIs6dWzckHG1UqouWAHaB
Static task
static1
Malware Config
Targets
-
Detect Mystic stealer payload
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
Mystic family
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1