MALICIOUS ACTIVITY | Related to Lumma Stealer 26-09-2024
TLP: WHITE. Author: esoporteingenieria2020. Created: 2024-09-26. Modified: 2024-09-26.
McAfee Labs recently observed an infection chain in which fake CAPTCHA pages are used to distribute malware, specifically Lumma Stealer. We are observing a campaign targeting several countries. Below is a map showing the geolocation of devices that access fake CAPTCHA URLs, highlighting the global distribution of the attack.
MITRE ATT&CK & Malware Families
ATT&CK techniques: none listed
Malware families: Lumma Stealer
Indicators of Compromise (26)