PULSE NAME
Tracking LummaC2 Infrastructure with Cats
WHITE LummaC2 AlienVault 2025-05-30 Modified: 2025-07-09
The US Department of Justice and Microsoft disrupted the LummaC2 infostealer malware through domain seizures, taking down over 2,300 associated domains. The FBI and CISA released an advisory detailing LummaC2's tactics and indicators of compromise, including 114 domains. Analysis of these domains revealed common registration patterns, such as the use of Eastern European names and specific mail server hostnames. Notably, several domains featured an 'About Cats' landing page; 58 additional domains share this characteristic and have high risk scores. These domains are suspected of distributing LummaC2 and other malware strains. Despite the takedown efforts, 41 of these domains remain active, highlighting the need for continued vigilance against LummaC2 infrastructure.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
LummaC2
Indicators of Compromise (130)