Overview

overview

10

Static

static

3

SapphireX.exe

windows7-x64

1

SapphireX.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SapphireX.exe

  • Size

    97.4MB

  • Sample

    240701-sk3cxs1gjq

  • MD5

    2fd6ab9ede29579295b396a7d9c8e935

  • SHA1

    9a8207071c65e19c360f2d574c7205aa710582be

  • SHA256

    0fef0b66199dc27ed7691e63852b9c19b9f2a1a19d16811e08a834013b038576

  • SHA512

    e64b442f021a17d4b9cda50c99cec33594d42e496f4afd6ce48d91c3d1d664fa5082598f04cf9f1186a2d03d3d2361666e4c0f12500cdbefecaebbc48255146d

  • SSDEEP

    393216:TMgE1A1/9F6DncvuyJAlgoy7AacE7+fa:TXE1AB9MncvuzEMS

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://citizencenturygoodwk.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      SapphireX.exe

    • Size

      97.4MB

    • MD5

      2fd6ab9ede29579295b396a7d9c8e935

    • SHA1

      9a8207071c65e19c360f2d574c7205aa710582be

    • SHA256

      0fef0b66199dc27ed7691e63852b9c19b9f2a1a19d16811e08a834013b038576

    • SHA512

      e64b442f021a17d4b9cda50c99cec33594d42e496f4afd6ce48d91c3d1d664fa5082598f04cf9f1186a2d03d3d2361666e4c0f12500cdbefecaebbc48255146d

    • SSDEEP

      393216:TMgE1A1/9F6DncvuyJAlgoy7AacE7+fa:TXE1AB9MncvuzEMS

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks