LummaStealer 2.0: Enhanced Evasion Techniques and Widespread Impact
LummaStealer 2.0, a sophisticated Malware-as-a-Service (MaaS), has evolved with enhanced evasion techniques, targeting a wide range of Windows systems. The latest version leverages MSHTA process abuse to execute remote code, bypassing defense mechanisms and increasing the likelihood of successful attacks. LummaStealer collects sensitive data, including credentials, cookies, cryptocurrency wallets, and other personally identifiable information.
Indicators of Compromise (59)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| CVE | CVE-2025-32433 | — | 2025-04-23 | |