IOC Radar
SHA-1 indicator · confidence: medium · signal score 100/100

2b5bd8a7e9233d30db1fbdbb113bba48732453a7

Location: Peru
First seen: May 11, 2025
Last seen: Jan 14, 2026
Reports: 8 source reports
Confidence: medium (confidence score 99%)
Found in 8 reports. Confidence scores are heuristic; verify before acting on results.
Indicator type: SHA-1 file hash associated with malicious samples
MISP category: Artifacts Dropped
Hash algorithm: SHA1
Confidence: 99%
Signal score: 100 / 100
IDS rule: No
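The page asks the reader to verify before acting; the practical check for a hash indicator is to hash suspect files locally and compare. The following is an added example written for this page, not tooling from IOC Radar or from any of the listed sources. It assumes nothing about the feed beyond the SHA-1 shown above; the sample file and the second, throwaway IOC built inside `demo()` are constructed so the script runs offline. SHA-256 is computed in the same pass because SHA-1 is collision-broken and MalwareBazaar and VirusTotal pivot on SHA-256.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# SHA-1 indicator taken from this page.
IOC_SHA1 = "2b5bd8a7e9233d30db1fbdbb113bba48732453a7"


def is_sha1(value):
    """True if `value` (after trim/lower-case) is exactly 40 hex digits."""
    return re.fullmatch(r"[0-9a-f]{40}", value.strip().lower()) is not None


def normalize_sha1(value):
    """Lower-case and trim a SHA-1 hex string; reject anything else.

    Feeds publish hashes in mixed case, sometimes with stray whitespace, so
    matching on the raw string would silently miss hits.
    """
    if not is_sha1(value):
        raise ValueError(f"not a SHA-1 hex digest: {value!r}")
    return value.strip().lower()


def file_digests(path, chunk_size=1 << 20):
    """Return (sha1, sha256) hex digests of a file, streamed in 1 MiB chunks.

    SHA-1 is what this indicator is keyed on; SHA-256 is recorded alongside it
    for pivoting to sources that do not key on SHA-1.
    """
    sha1, sha256 = hashlib.sha1(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            sha1.update(chunk)
            sha256.update(chunk)
    return sha1.hexdigest(), sha256.hexdigest()


def scan_directory(directory, iocs):
    """Hash every regular file under `directory` and return the ones whose
    SHA-1 is in `iocs`, as a list of (path, sha1, sha256)."""
    wanted = {normalize_sha1(i) for i in iocs}
    hits = []
    for p in sorted(Path(directory).rglob("*")):
        if not p.is_file():
            continue
        s1, s256 = file_digests(p)
        if s1 in wanted:
            hits.append((str(p), s1, s256))
    return hits


def demo():
    """Constructed demo (no real malware involved): a benign throwaway file does
    not match the page's IOC, but does match an IOC derived from its own bytes,
    supplied in upper case to exercise normalisation. Returns (hits, hits)."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "sample.bin"
        sample.write_bytes(b"constructed benign sample, not malware\n")
        local_ioc = hashlib.sha1(sample.read_bytes()).hexdigest()  # constructed IOC
        no_hit = scan_directory(tmp, [IOC_SHA1])
        hit = scan_directory(tmp, [IOC_SHA1, local_ioc.upper()])
        return len(no_hit), len(hit)


if __name__ == "__main__":
    print(demo())  # (0, 1)
```

Run it against a quarantine or download directory by calling `scan_directory(path, [IOC_SHA1])`; a non-empty result is a confirmed hash match, not a verdict on the file, so keep the SHA-256 from each hit for the follow-up lookups.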
Threat Context

MITRE ATT&CK TTPs: 29 techniques (the technique and tactic IDs appear as t-codes among the category tags below)

Feed Intelligence Summary

Source reports: 8 · Confidence score: 99%

Category tags: abuse, access, account credentials, botnet, c2, calls-wmi, checks-bios, command and control, compromised system, credential access, cryptocurrency threats, cryptojacking, data exfiltration, data theft, detect-debug-environment, distributed attacks, document exploitation, exe, file-hash, finance, financial data, financial information, indicator, information stealer, initial access, invalid-signature, juroots, local system, long-sleeps, malicious document activity, malicious software, malware, malware delivery, operating system, overlay, password stealer, payload, peexe, peru, process injection, ransomware, remote services, researched, resource hijacking, signed, south america, t1003, t1003 data, t1021, t1021.001, t1033, t1033 system, t1055, t1057, t1057 process, t1059, t1069.001, t1071, t1071.001, t1078, t1081, t1082, t1082 system, t1087, t1087 account, t1110, t1185, t1189, t1204, t1486, t1496, t1499.002, t1499.003, t1539, t1552, t1555, t1556, t1562, t1565, t1566, ta0001 initial, tcticas, uncategorized threat, win32 malware, windows malware
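The tag wall mixes free-text labels with ATT&CK IDs, and the page's "29 techniques" count is only useful if those IDs can be pulled out and fed to something like ATT&CK Navigator. The following is an added example written for this page, not code from IOC Radar. It embeds the tag string exactly as the page renders it (run-together boundaries included) and recovers the technique and tactic IDs with a regular expression; the `versions` fields in the Navigator layer are an assumption to adjust for the Navigator build in use, and the regex deliberately has no leading word boundary because the page runs "data" straight into "t1021".

```python
import json
import re

# Category-tag wall copied verbatim from this page, including the run-together
# boundaries left by the page rendering; the t-codes survive that intact.
TAGS_RAW = (
    "abuseaccessaccount credentialsbotnetc2calls-wmichecks-bioscommand and control"
    "compromised systemcredential accesscryptocurrency threatscryptojacking"
    "data exfiltrationdata theftdetect-debug-environmentdistributed attacks"
    "document exploitationexefile-hashfinancefinancial datafinancial information"
    "indicatorinformation stealerinitial accessinvalid-signaturejurootslocal system"
    "long-sleepsmalicious document activitymalicious softwaremalwaremalware delivery"
    "operating systemoverlaypassword stealerpayloadpeexeperuprocess injection"
    "ransomwareremote servicesresearchedresource hijackingsignedsouth america"
    "t1003t1003 datat1021t1021.001t1033t1033 systemt1055t1057t1057 processt1059"
    "t1069.001t1071t1071.001t1078t1081t1082t1082 systemt1087t1087 accountt1110"
    "t1185t1189t1204t1486t1496t1499.002t1499.003t1539t1552t1555t1556t1562t1565"
    "t1566ta0001 initialtcticasuncategorized threatwin32 malwarewindows malware"
)

# No leading \b: the page glues tags together ("datat1021"), so a word boundary
# would drop real IDs. The only digit runs on this page are the t-codes, "c2"
# and "win32", none of which can false-match "t" + four digits.
TECHNIQUE_RE = re.compile(r"t(\d{4})(?:\.(\d{3}))?")
TACTIC_RE = re.compile(r"ta(\d{4})")


def extract_techniques(raw):
    """Distinct ATT&CK technique IDs in `raw`, upper-cased and sorted;
    sub-techniques are kept in T1021.001 form."""
    found = set()
    for num, sub in TECHNIQUE_RE.findall(raw.lower()):
        found.add(f"T{num}.{sub}" if sub else f"T{num}")
    return sorted(found)


def extract_tactics(raw):
    """Distinct ATT&CK tactic IDs (TA0001 style) in `raw`."""
    return sorted({f"TA{n}" for n in TACTIC_RE.findall(raw.lower())})


def parent_techniques(technique_ids):
    """Collapse sub-techniques onto their parent (T1021.001 -> T1021), which is
    the level most detection-coverage maps are kept at."""
    return sorted({t.split(".")[0] for t in technique_ids})


def navigator_layer(technique_ids, name):
    """Minimal ATT&CK Navigator layer scoring each technique 1.
    The version numbers are an assumption; set them to match your Navigator."""
    return {
        "name": name,
        "versions": {"attack": "14", "navigator": "4.9.1", "layer": "4.5"},
        "domain": "enterprise-attack",
        "techniques": [{"techniqueID": t, "score": 1} for t in technique_ids],
    }


if __name__ == "__main__":
    techniques = extract_techniques(TAGS_RAW)
    print(len(techniques), "techniques,", len(parent_techniques(techniques)), "parents,",
          extract_tactics(TAGS_RAW))
    print(json.dumps(navigator_layer(techniques, "IOC Radar 2b5bd8a7…"), indent=2))
```

The 29 distinct IDs recovered this way match the count the page reports, which is a cheap consistency check on a feed before its tags are trusted; the roll-up to 26 parent techniques is what you would overlay on a detection-coverage layer.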

Activity Timeline

1 total observation (Jan 14)

Threat Activity Heatmap

Peak: 2026-01-14. Observations in the last 24h, 7d, 30d and 3mo: 0 (dormant).
Threat Score: High Risk (100)

VirusTotal

Not checked

Description

Lumma Stealer is a type of malicious software designed to steal confidential information from infected devices. The malware infiltrates systems and extracts personal data such as usernames, passwords, banking information and credit card details. LummaStealer can affect a range of accounts, including social media, e-mail and cryptocurrency wallets. Criminals can use the stolen information for blackmail, identity theft and fraudulent transactions, causing serious privacy problems and significant financial losses for victims.
References
https://threatfox.abuse.ch/export/csv/recent/
https://www.virustotal.com/graph/embed/g262c87dabf8040b0b5b43993f4861e66dc877852eed84bf5a76db1d131f7c317?theme=light
https://darfe.es/ciberwiki/index.php?title=Lumma
https://bazaar.abuse.ch/export/csv/recent/
https://www.virustotal.com/graph/embed/g48c75447df564c66b1ce21c33d02458aad10e42622774ce5bbac452c4b8a5669?theme=light
https://www.virustotal.com/gui/collection/5627360de141e4b4db30a4b3331f77bbc9c734d8ddbfd7deacddba8ce9d0f82e

