IOC Radar
MD5 · Medium · Signal 100/100

c3a6510e56098e600a102be881211659

Location
Peru
First Seen
Jun 10, 2025
Last Seen
Jan 24, 2026
Jun 10
First Seen
374d ago
Jan 24
Last Seen
146d ago
8
Reports
source reports
99%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Feed Intelligence Summary

8 reports · 99% confidence
8
Source reports
99%
Confidence score
Category tags
access, account credentials, banking information, botnet, calls-wmi, checks-bios, command and control, credential access, cryptocurrency wallet, data exfiltration, data theft, detect-debug-environment, distributed attacks, dropped-by-amadey, exe, file-hash, financial data, form grabbing, indicator, information stealing malware, infostealer, local system, long-sleeps, lummastealer, malicious attachment, malicious software, malware, malware analysis, man-in-the-middle, mitm, operating system, password extraction, peexe, peru, phishing campaign, pii theft, process injection, remote services, researched, social media accounts, south america, stolen credentials, t1003, t1003 data, t1003.001, t1021, t1021.001, t1033, t1033 system, t1055, t1056, t1056.001, t1057, t1057 process, t1069.001, t1071, t1071.001, t1078, t1081, t1082, t1082 system, t1083, t1087, t1087 account, t1110, t1113, t1133, t1195, t1204, t1204.002, t1486, t1496, t1499.002, t1499.003, t1539, t1555, t1555.003, t1555.004, t1565, t1566, ta0001 initial, web injection, win32 malware, windows malware

Activity Timeline

1 total obs
Jan 24

Threat Activity Heatmap

· Peak: 2026-01-24
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 8
First seen: Jun 10, 2025
Last seen: Jan 24, 2026

VirusTotal

Not checked

WHOIS

description
Lumma Stealer is a type of malicious software designed to steal confidential information from infected devices. This malware infiltrates systems and extracts personal data such as usernames, passwords, banking information, and credit card details. LummaStealer can affect a variety of accounts, including social media, email, and cryptocurrency wallets. Criminals can use the stolen information for blackmail, identity theft, and fraudulent transactions, which can cause serious privacy problems and significant financial losses for victims.
references
https://www.virustotal.com/graph/embed/g049f0b1abbc14ce6946afdd9adf9a0837e2ee9b9d60746b3ab46b63d1e1f843b?theme=light, https://darfe.es/ciberwiki/index.php?title=Lumma

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 8 threat reports