← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - Unmasking The 64-bit Variant of the Infamous Lumma Stealer
WHITE Lumma Stealer celestre 2026-04-09 Modified: 2026-04-09
89
IOCs
HIGH VOLUME
lumma stealerapplication-bound encryption bypassblockchain c2tenzoretherhidinginfostealer64-bit variantremusaurastealervoidstealerrhadamanthys
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Tenzor Lumma Stealer Remus Rhadamanthys AuraStealer VoidStealer
Indicators of Compromise (31 / 89 total)
All FileHash-SHA1 FileHash-SHA256 IPv4 URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://adveryx.biz:6573 2026-04-09
URL http://backbou.biz:5902 2026-04-09
URL http://baxe.pics:48261 2026-04-09
URL http://borscer.biz:9592 2026-04-09
URL http://buccstanor.pics:28313 2026-04-09
URL http://buccstanor.pics:48261 2026-04-09
URL http://chalx.live:5902 2026-04-09
URL http://chromap.biz:4219 2026-04-09
URL http://coox.live:28313 2026-04-09
URL http://drymoge.biz:4192 2026-04-09
URL http://forestoaker.com:6290 2026-04-09
URL http://gluckcreek.online:48261 2026-04-09
URL http://intem.lat:9592 2026-04-09
URL http://interxo.biz:7481 2026-04-09
URL http://josegza.biz:8521 2026-04-09
URL http://krondez.com:28982 2026-04-09
URL http://lazzo.bet:3989 2026-04-09
URL http://managew.biz:5902 2026-04-09
URL http://navelum.biz:3201 2026-04-09
URL http://nitroca.biz:6782 2026-04-09
URL http://outcrol.biz:4895 2026-04-09
URL http://padaz.pics:4219 2026-04-09
URL http://parky.pics:3989 2026-04-09
URL http://prickaz.biz:2039 2026-04-09
URL http://remnane.biz:5692 2026-04-09
URL http://ropea.top:28313 2026-04-09
URL http://siltsoh.biz:7481 2026-04-09
URL http://texakgi.cloud:3849 2026-04-09
URL http://vinte.online:28313 2026-04-09
URL http://woodena.biz:7821 2026-04-09
URL http://zadno.run:4219 2026-04-09
References (1)
↗ https://www.gendigital.com/blog/insights/research/remus-64bit-variant-of-lumma-stealer