Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: reinforcenh.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: stogeneratmns.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: fragnantbui.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: drawzhotdog.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: vozmeatillu.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: offensivedzvju.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: ghostreedmnu.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: gutterydhowi.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: ptramidermsnqj.shop |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: lid=%s&j=%s&ver=4.0 |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: TeslaBrowser/5.5 |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: - Screen Resoluton: |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: - Physical Installed Memory: |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: Workgroup: - |
Source: 00000005.00000002.1851085077.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String decryptor: LPnhqo--zdexodnebqjx |
Source: Network traffic |
Suricata IDS: 2056164 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (gutterydhowi .shop) : 192.168.2.4:57092 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056156 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (drawzhotdog .shop) : 192.168.2.4:57422 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056158 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (vozmeatillu .shop) : 192.168.2.4:54684 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056154 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fragnantbui .shop) : 192.168.2.4:64256 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056160 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (offensivedzvju .shop) : 192.168.2.4:60410 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056163 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (ghostreedmnu .shop in TLS SNI) : 192.168.2.4:49733 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2056152 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (stogeneratmns .shop) : 192.168.2.4:50375 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056150 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (reinforcenh .shop) : 192.168.2.4:52826 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2056157 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (drawzhotdog .shop in TLS SNI) : 192.168.2.4:49736 -> 172.67.162.108:443 |
Source: Network traffic |
Suricata IDS: 2056165 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (gutterydhowi .shop in TLS SNI) : 192.168.2.4:49732 -> 104.21.4.136:443 |
Source: Network traffic |
Suricata IDS: 2056159 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (vozmeatillu .shop in TLS SNI) : 192.168.2.4:49735 -> 188.114.97.3:443 |
Source: Network traffic |
Suricata IDS: 2056151 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (reinforcenh .shop in TLS SNI) : 192.168.2.4:49739 -> 172.67.208.139:443 |
Source: Network traffic |
Suricata IDS: 2056161 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (offensivedzvju .shop in TLS SNI) : 192.168.2.4:49734 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2056155 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (fragnantbui .shop in TLS SNI) : 192.168.2.4:49737 -> 188.114.97.3:443 |
Source: Network traffic |
Suricata IDS: 2056153 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (stogeneratmns .shop in TLS SNI) : 192.168.2.4:49738 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2056162 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (ghostreedmnu .shop) : 192.168.2.4:64591 -> 1.1.1.1:53 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49735 -> 188.114.97.3:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49738 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49735 -> 188.114.97.3:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49738 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49734 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49734 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49733 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49733 -> 188.114.96.3:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49741 -> 104.21.2.13:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49739 -> 172.67.208.139:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49741 -> 104.21.2.13:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49739 -> 172.67.208.139:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49731 -> 104.21.83.105:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49731 -> 104.21.83.105:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49736 -> 172.67.162.108:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49736 -> 172.67.162.108:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49732 -> 104.21.4.136:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49732 -> 104.21.4.136:443 |
Source: Network traffic |
Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49737 -> 188.114.97.3:443 |
Source: Network traffic |
Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49737 -> 188.114.97.3:443 |