← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
HijackLoader evolution: abusing genuine signing certificates
WHITE CyberHunter_NL 2024-10-15 Modified: 2024-10-15
155
IOCs
HIGH VOLUME
A report by HarfangLab EDR and MITRE ATT&CK on the threat posed by the Lumma Stealer malware, published on 11 October, 2024, outlines the tactics used to deploy the malware.
hijackloaderoctobersamplesharfanglab edrsha256lumma stealerdll sideloadinginfection chainfake captchazip archiveinstallerpathhiderloadergatepowershelllummasamecoin
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Lumma SameCoin
Indicators of Compromise (43 / 155 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 00aaddb51e420ea06226f6ba02ed6ddda54920d6 SHA1 of bdd338ff606d1e08ec16d13fbc5dee1e404ad2ae857a70e81bb23888beabf63a 2024-10-15
FileHash-SHA1 0e0906b4ffe49c5e8dad96928da7c86a759cb58e SHA1 of d022c579f3619b23b74fa31b6241feb542bf089cb52609256894da08f787d2f3 2024-10-15
FileHash-SHA1 1136b9369b52820deda79199f4539404ec195cf8 SHA1 of a95276bc7b7474384166232e0ebe86a5e40ed6d1cdd103794b3b5af107a3eee3 2024-10-15
FileHash-SHA1 19bf1f1e7c133ab6f3b4d69ec0d69dce25ab272f SHA1 of 39551715b734f4a331dd0b39a953a79567f642dc38bfa173f9849a4dbdd7d34e 2024-10-15
FileHash-SHA1 1b28a72f6746ad76f7b25ab767ce7b775282fbeb SHA1 of 402aacbb8dc07d96733eee2292f709d89d65efbe82d55e0dd4b7764cdde287b5 2024-10-15
FileHash-SHA1 1c09665c6c9d3c6592e37dd4016e88a3898a976f SHA1 of fa6e61f845c06cb9075806cfc8cb8ed7e1ca7dc956cce5eafbe99babf85d9e66 2024-10-15
FileHash-SHA1 2382333890c00fe21db85824b5959c2fa0e6c32a SHA1 of e13aa5f31d2469fc4db4e54af711035ea79f63be591c0460982c0b6baf08e649 2024-10-15
FileHash-SHA1 2a30f5c7ad77d6d9afae7ec9a48d51c3340d42e6 SHA1 of 8552afefa1cdcfe5889cf01bfae140e341c5bfb03188e65a45d2c8d90520e11e 2024-10-15
FileHash-SHA1 2a58eefc59b86703c4d0a1b926dac3f4569855c7 SHA1 of 0a6df5fb902be0b4b0ed9bfb4f53df4ab54391458a7d8833d524d16d46b33f33 2024-10-15
FileHash-SHA1 2b20ee6fb83ff52bdd2714741a8783981795b8e7 2024-10-15
FileHash-SHA1 2d593108841ed22026182ecf5f859dd130d6830a SHA1 of 7085f5baff8a1f39a4baf11b650aad21454eef8b0afd13f9c4338fed86b99785 2024-10-15
FileHash-SHA1 2dd67214d7c7274458cfecc78e4b51063869d8e3 2024-10-15
FileHash-SHA1 39ed360b7f145ade8bd1174cda38b6806004f925 SHA1 of 0d40a18d67005a5ade12b5593df3cf9e7ae996bebedacad64de81de3ffb9821a 2024-10-15
FileHash-SHA1 3ec28712c770882098f6cc12dac701b33569ad07 SHA1 of 34fea0c0708ecfceb592029910626ca699fb5f18595599d47a9ec87749940884 2024-10-15
FileHash-SHA1 4b2459e76864532bdb1f00bf909495c96a01f93c 2024-10-15
FileHash-SHA1 4e991f191834d615f0854de300922321141283a4 SHA1 of 5c019e25c46cc13a4bc05ccacf2b783f9435bed724ae945d1508c69f3490a617 2024-10-15
FileHash-SHA1 54139b55030d781f4553054d76ebbc14a563f574 SHA1 of c78b8771a5b897c03008c09241fdb07160264858f49c7398f9db681fc2003971 2024-10-15
FileHash-SHA1 5c305b46796e77c6e9c9fe04846e3dd499139497 SHA1 of 25c2c9648b5be95c0a61f043f2a9e5703373c3831edbe8cc8b7c857b405f172a 2024-10-15
FileHash-SHA1 5ecd5397daff7a5fab0b41b6692dea995c0d2792 SHA1 of c73b23798aa9785f2e593db8ced278e0c325e4cb545bb9c8f9004165bd983b6d 2024-10-15
FileHash-SHA1 67842e9bcb8123af48c8331d9e06f7ab6684c8fe SHA1 of d948e07325a1cf48bb9749e3f0a83d69c4abb96f822e3002b31b752ebb292c77 2024-10-15
FileHash-SHA1 80efc6c88e94fb6cfb492cba2a5e3e159d321a14 SHA1 of be0644373ab939d3e3d1766927039876b4c3511258dd5ecf3cb75f1dab5ac324 2024-10-15
FileHash-SHA1 913e0d1aadbc1593b76f6442bb89070bc4a5e224 SHA1 of 649ec4858e572e0145e35a9faa712708949b7bb1bce1594154cda580d80a0ca9 2024-10-15
FileHash-SHA1 915088e9f010f65e7c79015daefd9a824945fb00 SHA1 of a941faec5a25db96d6258d5c1e6c30f9f18ecf9937b63eb687b4d71a0af871f0 2024-10-15
FileHash-SHA1 934eef742747ce743b9dc9614f221637dfd1d9ee SHA1 of 27ed09b6bbce8c6306640adf76d6dd1f3b97c406915d72b215165fe1c5615ac7 2024-10-15
FileHash-SHA1 9ab715469312dbea6040248d19ab3ad46b4277e8 SHA1 of c20e98a4190f9063f9181d8d9fc01bb89e4e56cb888d4d8883c593586ff52a09 2024-10-15
FileHash-SHA1 9c8e9d7e3912657459af2dcd4020d1a44af62b3e SHA1 of e72b171c1383bda2f72ad0e5cdcab833d1488c143ad9386b290d44cb2d67e702 2024-10-15
FileHash-SHA1 9e396f767ced55b51864f84a3142d48937f128f4 SHA1 of 3d2f989bf5887b1dbbfbb0030ed0e4c304dd0e6123a1e10e798ee3eb10c87f8b 2024-10-15
FileHash-SHA1 ab91114228fe443ad928a8652b530ef9de4b22aa SHA1 of 68242a96e0283db31f7a68f6e26df99e1a27fef1f1f9d732f0ddd0b8663ba3c6 2024-10-15
FileHash-SHA1 abd4e332744f7ca3536b37536dfd43c590c3054c SHA1 of 04675527ea934ff3450cf20900b7233a8a86125b5f3042d97d3a6e349631f307 2024-10-15
FileHash-SHA1 af5c5b772a47a66e570571a28c9670ed699b5265 SHA1 of 315e6d1736e2ec8465a172d289a6520ec127e1b02190716b383226275672170b 2024-10-15
FileHash-SHA1 b4c4d495e1f91499c15004a6ecac00041f8a1ea0 SHA1 of e4536f1dc62b6bae30e6da53cece729820bb27891a020b6a6cf7c4fe566f15a4 2024-10-15
FileHash-SHA1 b5f596598c16111639a5079d02a6062d49feefe5 SHA1 of ff946f48f6bdf33d31f39614909115fead505c16426411897bd8e48362017d31 2024-10-15
FileHash-SHA1 b8b7b5636a815fa761f7b6467b3c11226efa4c5f SHA1 of c6e595d44257f293200b926123cea0f3cdbd622b32226758e907f9829d652833 2024-10-15
FileHash-SHA1 b9f38b090cedb4935322d048acde375d139e8581 SHA1 of 81fa2b7bd9d726d239b08595d1445efaa697ef45761551b966c3a3930288952d 2024-10-15
FileHash-SHA1 bd13d3da53917a8cafa34a7b76f67a29969b53c4 SHA1 of 1839b7152814b16b9f28326081f16bf9c5bbbb380005232c92d25c9a3e36e337 2024-10-15
FileHash-SHA1 d2e68e195cfe05d9fa548cf387f83173c8e82c20 SHA1 of 315615abe0592af8ae3c90b6ad3b18047084612b49699a6f26eafe1dc747d773 2024-10-15
FileHash-SHA1 d33a31ecdbd673b93cb70f516a57643056931c8b SHA1 of 17926b988b31296c26bf8fcc5be5595f8b290112949cd9314b3ddb51216a9fc6 2024-10-15
FileHash-SHA1 d61713a4617b5d1ea4ca295f142fb670643f7aeb SHA1 of d465588501d2882d1a223516c4f66bcc44ea7211245fd49b9e61a64f94831614 2024-10-15
FileHash-SHA1 dcc865c6dd9ea2318439f207acbc2ac0797fb51b 2024-10-15
FileHash-SHA1 e6109ce89561d4259f58b602fb98ed62b9ff3eb9 SHA1 of 26ab5cf8df71135baf2661864f7d5a62262688a018f7450c5de962433c2b99c9 2024-10-15
FileHash-SHA1 f302d29dec29b0dfabefaee8a6d8bd547c89fecb SHA1 of 5ed854b4ed07250521f0da12b810128b014b2c6e83b8ba51b80dfa9e4252a3bf 2024-10-15
FileHash-SHA1 f31028af70d6feda66f596a25402238feab68360 SHA1 of 174432fd986530d149a229fa4cfbb0bfe19fc9a6a52efd405a5da02c90a7f9fd 2024-10-15
FileHash-SHA1 fdd829d3b46933ef8015b70b6c3fce6ba9675578 2024-10-15
References (1)
↗ https://harfanglab.io/insidethelab/hijackloader-abusing-genuine-certificates/