Pulse Detail — Threat Intelligence

PULSE NAME

Behind the Attack: LUMMA Malware - Perception Point

WHITE feisty-swim1410 2023-12-01 Modified: 2023-12-01

IOCs

MEDIUM VOLUME

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

MALWARE FAMILIES

Lumma Stealer

Indicators of Compromise (17)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	0563076ebdeaa2989ec50da564afa2bb	—	2023-12-01
FileHash-MD5	544cd51a596619b78e9b54b70088307d	MD5 of dfce2d4d06de6452998b3c5b2dc33eaa6db2bd37810d04e3d02dc931887cfddd	2023-12-01
FileHash-SHA1	4769ddd2dbc1dc44b758964ed0bd231b85880b65	SHA1 of dfce2d4d06de6452998b3c5b2dc33eaa6db2bd37810d04e3d02dc931887cfddd	2023-12-01
FileHash-SHA1	ac14e7468619ed486bf6c3d3570bea2cee082fbc	—	2023-12-01
FileHash-SHA256	515ad6ad76128a8ba0f005758b6b15f2088a558c7aa761c01b312862e9c1196b	—	2023-12-01
FileHash-SHA256	dfce2d4d06de6452998b3c5b2dc33eaa6db2bd37810d04e3d02dc931887cfddd	—	2023-12-01
URL	http://taretool.pw/api	—	2023-12-01
URL	http://www.patrickforeilly.com/eco/	—	2023-12-01
URL	https://fuelrescue.ie/eco/	—	2023-12-01
URL	https://robertoscaia.com/eco	—	2023-12-01
URL	https://www.patrickforeilly.com/eco/	—	2023-12-01
URL	https://www.robertoscaia.com/eco/	—	2023-12-01
domain	fuelrescue.ie	—	2023-12-01
domain	robertoscaia.com	—	2023-12-01
domain	taretool.pw	—	2023-12-01
hostname	www.patrickforeilly.com	—	2023-12-01
hostname	www.robertoscaia.com	—	2023-12-01

References (1)