PULSE NAME
Warning Against Infostealer Infections Upon Executing Legitimate EXE Files (DLL Hijacking)
WHITE scoreblue 2023-11-04 Modified: 2023-12-01
82
IOCs
HIGH VOLUME
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
LummaC2
Indicators of Compromise (82)