lumma | a642f6ba732059d9f41bafad77f24359de23206991e975feb225e90283a74cea

Sharing

Copy URL

Twitter E-mail

General

Target

SapphireX.zip
Size

100.1MB
Sample

240701-sfrevs1fpl
MD5

3de1b65d338b54da6ffe5dce9e2002a7
SHA1

d85ae85a57d5cfd6e247dd5e005f11a0b9cbb596
SHA256

a642f6ba732059d9f41bafad77f24359de23206991e975feb225e90283a74cea
SHA512

5766542cee65ae909ffb1ce5048852a43291d32878eb7a332c0a05ae0625bc7e3acbc08a1cdcbc43ca947227ff4c488ad323b34691d2cd6dcf9169f36ea8afe7
SSDEEP

1572864:jhLDebJg4qnVJYng2a3SZ6eamPsHNyQfqY4F0nLVAczcQ36WyAhM6InU3q:jtD2gFVJEg21LUtWb0xdQWyAUnU3q

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://citizencenturygoodwk.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

- Target
  
  SapphireX/Core.dll
- Size
  
  69KB
- MD5
  
  21203c1cb7a4eca2fb6343fa75421b4d
- SHA1
  
  2310e029ab3856b9016ed87fd45cd2ff0d348f0b
- SHA256
  
  c0d5719b5d11c1476400c01a44de7d4f493e9bc612dbc9b735b91489b72548c9
- SHA512
  
  05ad6f2200c0f469b940726365647d528c03b7c93798b25d98c111569d5ee9b51371dda401ff603c707a2ab82087b8a87d4554c4cfb085179ee2859b1c36c749
- SSDEEP
  
  768:rkHceEMWH8T9j8kHceEMWH8T9j8kHceEMWH8T9jC:I8dZcT998dZcT998dZcT9C
Score

1^/10
behavioral1 behavioral2
- Target
  
  SapphireX/Data.dll
- Size
  
  24KB
- MD5
  
  686c625fbfad9db37a93a8ec5324b247
- SHA1
  
  7558d93cc345e135afc31122618c034c7cb7248a
- SHA256
  
  559ebc6a47f70380a9f8935d506d083e4867ccfad0370858089fdb79ff52cd22
- SHA512
  
  6baba5bef9019383ff77fe65627f70103aacb9954f1d68db6aec64a9ae0784b5fe31a9884f716b61fe8dd850739bdfa9f4bac8551226f124a581399e59f26a1b
- SSDEEP
  
  384:L/AAaFiTCmM82SuxDJQfWaFWsZTb2HRN7nR3I15DNR9zQ1Bt:DpaFiTCm0DJQFT/inWr9z8Bt
Score

1^/10
behavioral3 behavioral4
- Target
  
  SapphireX/Drawing.dll
- Size
  
  40KB
- MD5
  
  3914e5d98945a34651a6f4bf003136d8
- SHA1
  
  debaa7d57086ebe0c11df6ee520cd78a9109bfa0
- SHA256
  
  75cc3513dad447d94e278452a4c23582356cf127f2f290f915655742f4dd4f72
- SHA512
  
  0a72e64f022613386802b6110d3b38e0235867cfd657f4a691e7cc841ce9c467539be8d94ffb383637674980c795c2c65fbed301091eed31c6db364869592cc3
- SSDEEP
  
  768:Zz0jGGEMWk8TycxOMZz0jGGEMWk8TycxOMn:vlZNTyM3vlZNTyM3n
Score

1^/10
behavioral5 behavioral6
- Target
  
  SapphireX/SapphireX.exe
- Size
  
  97.4MB
- MD5
  
  2fd6ab9ede29579295b396a7d9c8e935
- SHA1
  
  9a8207071c65e19c360f2d574c7205aa710582be
- SHA256
  
  0fef0b66199dc27ed7691e63852b9c19b9f2a1a19d16811e08a834013b038576
- SHA512
  
  e64b442f021a17d4b9cda50c99cec33594d42e496f4afd6ce48d91c3d1d664fa5082598f04cf9f1186a2d03d3d2361666e4c0f12500cdbefecaebbc48255146d
- SSDEEP
  
  393216:TMgE1A1/9F6DncvuyJAlgoy7AacE7+fa:TXE1AB9MncvuzEMS
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral7 behavioral8

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8