Pulse Detail — Threat Intelligence

PULSE NAME

LummaC2 Stealware

WHITE feisty-swim1410 2023-11-16 Modified: 2023-12-16

IOCs

HIGH VOLUME

The LummaC2 stealer malware strain has been identified as being used by threat actors operating under different aliases, according to a report published by the UK-based security firm Verdant.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1005 T1012 T1053 T1059 T1082 T1102 T1112 T1120 T1489 T1491 T1543 T1547 T1552 T1553 T1562 T1564

MALWARE FAMILIES

RedLine SectopRAT LummaC2

Indicators of Compromise (9 / 82 total)

All domain FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	027a16a9aecd317fd3feedd4b1486187	MD5 of 51925d36298a3d9ceac6067fdc1ba1f799ef5c53553be95d6827192df0700d80	2023-11-16
FileHash-MD5	009bfb420e8cd24a515cfcae6145adcd	MD5 of 0dc2ed3a68353261b09be0a93070ccfb23f48786be6ba548ed0f9c373befe110	2023-11-16
FileHash-MD5	054fce55b83e4aa47ef86b089aa09e3b	MD5 of 72d2536c7a849a18bee4c3b574873371f05e8fcbd31f2b922f3231dbdce3f632	2023-11-16
FileHash-MD5	0ee75901470dc0d952731eb2b8909341	MD5 of 1522a865e9d583c3581fc19cafef5a41a7c7d0f759aaead3364045f300202305	2023-11-16
FileHash-MD5	1a8aa05fdf4be819c8fcfd84359330d1	MD5 of 4d5d3f9967db0ed61f9e48de6bab3f5b0a9f30e58da52e8b0dd8601e908f4743	2023-11-16
FileHash-MD5	64017a99d238be89c07e71c1b2234fd5	MD5 of 33c1d451e3a186d8734b27319b80036976cca882a6c531ddde9ad814cf42ef93	2023-11-16
FileHash-MD5	98d68558f566110c2b6faeafee60f8ed	MD5 of 6e04b543db11048a0b57fe786c0c52441ded217252cd6564fc63ff84ee486f10	2023-11-16
FileHash-MD5	e07aa33f0e6aec02240a232e71b7e741	MD5 of c9094685ae4851fd5a5b886b73c7b07efd9b47ea0bdae3f823d035cf1b3b9e48	2023-11-16
FileHash-MD5	ebac06e859dd555bbb5012fcdb9c6528	MD5 of 93015b567e5ba8266205fb1183a6a26a3b950b67fd1366639ae232206d972f77	2023-11-16

References (1)

↗ https://www.quorumcyber.com/wp-content/uploads/2023/09/Quorum-Cyber-Lumma-Stealer-Malware-Report-TI.pdf