← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Tricks and Treats: GHOSTPULSE’s new pixel-level deception — Elastic Security Labs
WHITE CyberHunter_NL 2024-10-22 Modified: 2024-10-22
108
IOCs
HIGH VOLUME
The latest version of the GHOSTPULSE malware has evolved to hide its encrypted configuration and payload within the pixels of a PNG file, according to research by Elastic Security Labs and the University of California, Los Angeles.
ghostpulselummastealer c2idat chunksecuritypng filesecurity labsoctobercaptchayaraidat stringtrojancontacthijackloaderlumma stealergreenlumma
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
LUMMA GHOSTPULSE
Indicators of Compromise (1 / 108 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 YARA domain URL
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 6a04e635ebd54701f2da4f0db22d188b MD5 of 57ebf79c384366162cb0f13de0de4fc1300ebb733584e2d8887505f22f877077 2024-10-22
References (1)
↗ https://www.elastic.co/security-labs/tricks-and-treats