General
-
Target
SapphireX.exe
-
Size
11.1MB
-
Sample
240704-mvq5raybjb
-
MD5
d1f7ddbcab22ab97b4df943dc7c032b7
-
SHA1
82a33e74aa3984e0d866c1d88e7da041f92ba66e
-
SHA256
019bf3b4c408dce8f27167201f4bf5ff6366dc5bb4076b60c16dbaaad7c74c39
-
SHA512
96f73307cfd62fa662a94d07231358250f54470691673eb6594a0ef8575f4e8678b1a7de4375bdf86a1eb5495f37c5480762d2593cf37542a7d24c15272a2b20
-
SSDEEP
98304:XmzcGgxlFrzqvS1jysyWT3EK5lqUkFYlqgmZP:XnnrzqvSZHT0M8h
Static task
static1
Behavioral task
behavioral1
Sample
SapphireX.exe
Resource
win7-20240611-en
Malware Config
Extracted
lumma
https://citizencenturygoodwk.shop/api
Targets
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-