Thursday, May 22, 2025

LummaC2 Malware

These indicators are patterns that can be used to detect malicious activity. 

File Hashes:

  • SHA-256 Hash: CA47C8710C4FFB4908A42BD986B14CDDCCA39E30BB0B11ED5CA16FE8922A468B
  • Multiple Hashes: This indicator includes a SHA-1 hash, a SHA-256 hash, and an MD5 hash, suggesting multiple ways to identify a specific malicious file:
    • SHA-1: 1239288A5876C09D9F0A67BCFD645735168A7C80
    • SHA-256: 19CC41A0A056E503CC2137E19E952814FBDF14F8D83F799AEA9B96ABFF11EFBB
    • MD5: 4AFDC05708B8B39C82E60ABE3ACE55DB

Domain Names: The following domain names are identified as indicators, meaning they are likely associated with malicious infrastructure (e.g., Command and Control servers, phishing sites):

  • cjlaspcorne.icu
  • owlflright.digital
  • seallysl.site
  • quilltayle.live
  • smeltingt.run
  • jawdedmirror.run
  • medicinebuckerrysa.pw
  • computeryrati.site
  • nestlecompany.pro
  • authorizev.site
  • piratetwrath.run
  • mercharena.biz
  • wallkedsleeoi.shop
  • gutterydhowi.shop
  • jrxsafer.top
  • quavabvc.top
  • calmingtefxtures.run
  • rambutanvcx.run

These IOCs can be used by security professionals to identify and block connections to malicious infrastructure and detect known malicious files within their networks. The document also lists various MITRE ATT&CK patterns, which describe common adversary tactics and techniques.

at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Love Language -

 

  • boardsi - summary - review
     Summarization of hundreds of comments on Reddit. Ineffective Service: The users explicitly states, "Confirmed that it doesn't w...
  • Privacy Policy, Flipp
    Based on a review of the provided Privacy Policy , here are some potential legal implications and issues that should be addressed: Scope a...