← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
HijackLoader evolution: abusing genuine signing certificates
WHITE CyberHunter_NL 2024-10-15 Modified: 2024-10-15
155
IOCs
HIGH VOLUME
A report by HarfangLab EDR and MITRE ATT&CK on the threat posed by the Lumma Stealer malware, published on 11 October, 2024, outlines the tactics used to deploy the malware.
hijackloaderoctobersamplesharfanglab edrsha256lumma stealerdll sideloadinginfection chainfake captchazip archiveinstallerpathhiderloadergatepowershelllummasamecoin
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Lumma SameCoin
Indicators of Compromise (38 / 155 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 14491e543969ce197f2fa628134bbc8c MD5 of 7085f5baff8a1f39a4baf11b650aad21454eef8b0afd13f9c4338fed86b99785 2024-10-15
FileHash-MD5 1fd93c682728d75a8d65ec4b738f8b09 MD5 of 3d2f989bf5887b1dbbfbb0030ed0e4c304dd0e6123a1e10e798ee3eb10c87f8b 2024-10-15
FileHash-MD5 249ed615e8b43896fffd3cb3755c7a0a MD5 of 402aacbb8dc07d96733eee2292f709d89d65efbe82d55e0dd4b7764cdde287b5 2024-10-15
FileHash-MD5 38c34b5b4e07f00548bcfbca9b5174f7 MD5 of 174432fd986530d149a229fa4cfbb0bfe19fc9a6a52efd405a5da02c90a7f9fd 2024-10-15
FileHash-MD5 4e80e52645001517b04c7f94d5e3901c MD5 of 25c2c9648b5be95c0a61f043f2a9e5703373c3831edbe8cc8b7c857b405f172a 2024-10-15
FileHash-MD5 52becd502ef0b2316860d98981acf795 MD5 of 27ed09b6bbce8c6306640adf76d6dd1f3b97c406915d72b215165fe1c5615ac7 2024-10-15
FileHash-MD5 57573e0c7c535e6a3bd6771b4ff9e561 MD5 of d948e07325a1cf48bb9749e3f0a83d69c4abb96f822e3002b31b752ebb292c77 2024-10-15
FileHash-MD5 59771c4f77fa4611c7a6bb12a9fc3b33 MD5 of 315615abe0592af8ae3c90b6ad3b18047084612b49699a6f26eafe1dc747d773 2024-10-15
FileHash-MD5 610c6b64e29dcd3ece8b4553ded7fd11 MD5 of d022c579f3619b23b74fa31b6241feb542bf089cb52609256894da08f787d2f3 2024-10-15
FileHash-MD5 63f61285c5d92edeaa604b1f70bbe7ef MD5 of e4536f1dc62b6bae30e6da53cece729820bb27891a020b6a6cf7c4fe566f15a4 2024-10-15
FileHash-MD5 6d420ef4adb20204921b73bf6a6de4bc MD5 of ff946f48f6bdf33d31f39614909115fead505c16426411897bd8e48362017d31 2024-10-15
FileHash-MD5 6d6a207d5513fa5ac6ead647f5d66a6a MD5 of 649ec4858e572e0145e35a9faa712708949b7bb1bce1594154cda580d80a0ca9 2024-10-15
FileHash-MD5 75ef011f44494c3d8fa9cf48845d0195 MD5 of 26ab5cf8df71135baf2661864f7d5a62262688a018f7450c5de962433c2b99c9 2024-10-15
FileHash-MD5 788e63259655231b1537fc3afa5cc400 MD5 of a95276bc7b7474384166232e0ebe86a5e40ed6d1cdd103794b3b5af107a3eee3 2024-10-15
FileHash-MD5 789b83fbd5f4cc7a90337f3d9a34d4a6 MD5 of e13aa5f31d2469fc4db4e54af711035ea79f63be591c0460982c0b6baf08e649 2024-10-15
FileHash-MD5 8016a4e5c3504a522981dcd9a749d221 MD5 of 0d40a18d67005a5ade12b5593df3cf9e7ae996bebedacad64de81de3ffb9821a 2024-10-15
FileHash-MD5 85592017c8e459c8895fa75790df7d05 MD5 of be0644373ab939d3e3d1766927039876b4c3511258dd5ecf3cb75f1dab5ac324 2024-10-15
FileHash-MD5 8e118c57cb2f0f7b75ce0fa21b86a6b3 MD5 of 81fa2b7bd9d726d239b08595d1445efaa697ef45761551b966c3a3930288952d 2024-10-15
FileHash-MD5 8e28002290167203f7ea105952eef5c6 MD5 of e72b171c1383bda2f72ad0e5cdcab833d1488c143ad9386b290d44cb2d67e702 2024-10-15
FileHash-MD5 9559201c4969f6ff94cf2ea4ba94e852 MD5 of c6e595d44257f293200b926123cea0f3cdbd622b32226758e907f9829d652833 2024-10-15
FileHash-MD5 9b5f9e0459cf54039a5bd005835daf7a MD5 of 39551715b734f4a331dd0b39a953a79567f642dc38bfa173f9849a4dbdd7d34e 2024-10-15
FileHash-MD5 b03be320be328e9b93a490202b9ee968 MD5 of c73b23798aa9785f2e593db8ced278e0c325e4cb545bb9c8f9004165bd983b6d 2024-10-15
FileHash-MD5 b52c228a0045b5c6478790de193fe5e2 MD5 of 5ed854b4ed07250521f0da12b810128b014b2c6e83b8ba51b80dfa9e4252a3bf 2024-10-15
FileHash-MD5 b69b01ff5d99a0f3f11f1e6abe164b19 MD5 of 68242a96e0283db31f7a68f6e26df99e1a27fef1f1f9d732f0ddd0b8663ba3c6 2024-10-15
FileHash-MD5 b77e715fba732c941fcb7eac31241653 MD5 of 34fea0c0708ecfceb592029910626ca699fb5f18595599d47a9ec87749940884 2024-10-15
FileHash-MD5 c21fd752bc01eaad81e75f4cff2a90c7 MD5 of bdd338ff606d1e08ec16d13fbc5dee1e404ad2ae857a70e81bb23888beabf63a 2024-10-15
FileHash-MD5 cf18fae6c9b921d7f11a70c4770379ab MD5 of c20e98a4190f9063f9181d8d9fc01bb89e4e56cb888d4d8883c593586ff52a09 2024-10-15
FileHash-MD5 e5aeb3369c1fed7dc7ab2d1866eb900f MD5 of 8552afefa1cdcfe5889cf01bfae140e341c5bfb03188e65a45d2c8d90520e11e 2024-10-15
FileHash-MD5 e6776db364a5ce734354a37bf5a9a931 MD5 of a941faec5a25db96d6258d5c1e6c30f9f18ecf9937b63eb687b4d71a0af871f0 2024-10-15
FileHash-MD5 f099d017f2ff0b5b8aa572e0ad9f3753 MD5 of fa6e61f845c06cb9075806cfc8cb8ed7e1ca7dc956cce5eafbe99babf85d9e66 2024-10-15
FileHash-MD5 f162874d216b8e26ef8f58ee36c6da03 MD5 of 5c019e25c46cc13a4bc05ccacf2b783f9435bed724ae945d1508c69f3490a617 2024-10-15
FileHash-MD5 f2b0c1c131a9b21665c03db148b9a22e MD5 of c78b8771a5b897c03008c09241fdb07160264858f49c7398f9db681fc2003971 2024-10-15
FileHash-MD5 f5fb0d3eb6c721150534ed48461142be MD5 of 1839b7152814b16b9f28326081f16bf9c5bbbb380005232c92d25c9a3e36e337 2024-10-15
FileHash-MD5 f62a7991555625e3356f9214678a16ab MD5 of 0a6df5fb902be0b4b0ed9bfb4f53df4ab54391458a7d8833d524d16d46b33f33 2024-10-15
FileHash-MD5 fac22e52391a099938fcc4dca7a6fb11 MD5 of 315e6d1736e2ec8465a172d289a6520ec127e1b02190716b383226275672170b 2024-10-15
FileHash-MD5 faf3fddac9a135028688bc7a87c2d951 MD5 of 04675527ea934ff3450cf20900b7233a8a86125b5f3042d97d3a6e349631f307 2024-10-15
FileHash-MD5 fe0463c2453ae532d1630f26c64c2080 MD5 of d465588501d2882d1a223516c4f66bcc44ea7211245fd49b9e61a64f94831614 2024-10-15
FileHash-MD5 ff0206612063b4d2b3e2ed6ee9d5eef0 MD5 of 17926b988b31296c26bf8fcc5be5595f8b290112949cd9314b3ddb51216a9fc6 2024-10-15
References (1)
↗ https://harfanglab.io/insidethelab/hijackloader-abusing-genuine-certificates/