ioc[.]one - OSINT Cyber Threat Intelligence Database

Silent Push maps over 150 new Lumma C2 infostealer IOCs — Silent Push Threat Intelligence

Tags

country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Binary Padding - T1027.001 Control Panel - T1218.002 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Steganography - T1001.002 Steganography - T1406.001 Steganography - T1027.003 Whois - T1596.002 Binary Padding - T1009 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	13a8eeae-feb6-4015-b3bd-d9c3c0f9ab57
Fingerprint	a51889d30e53c7c3
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 28, 2024, midnight
Added to db	Nov. 19, 2023, 5:42 a.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	‘The Dead Russian Poets Society’: Silent Push uses behavioural fingerprinting, content scans and a 128-year old Russian poem to uncover 150+ new ACTIVE Lumma C2 servers and admin panels.
Title	Silent Push maps over 150 new Lumma C2 infostealer IOCs — Silent Push Threat Intelligence
Detected Hints/Tags/Attributes	63/3/97

Source URLs

	Redirection	Url
Details	Source	https://www.silentpush.com/blog/lummac2

URL Provider

Details	Provider	Source level domain
Details	silentpush.com	www.silentpush.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	374	✔	—	https://www.silentpush.com/blog?format=rss	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Autonomous System Number	5	AS207713
Details	Domain	26	mediafire.com
Details	Domain	1	erorblackday.xyz
Details	Domain	1	gstatic-service.io
Details	Domain	1	scandimyth.xyz
Details	Domain	1	sisadmin-my.xyz
Details	Domain	1	stoptme.xyz
Details	Domain	1	privategame.xyz
Details	Domain	2	traftech.pro
Details	Domain	1	lazagrc2cnk.xyz
Details	Domain	3	lazagrc3cnk.xyz
Details	Domain	1	ocmtancmi2c4t.life
Details	Domain	2	ocmtancmi2c5t.life
Details	Domain	5	ocmtancmi2c5t.xyz
Details	Domain	1	ocmtancmi2c4t.live
Details	Domain	1	ocmtancmi2c4t.site
Details	Domain	1	ocmtancmi2c4t.website
Details	Domain	1	ocmtancmi2c4t.xyz
Details	Domain	1	ocmtancmi2c5t.site
Details	Domain	1	ocmtancmi2c5t.website
Details	Domain	1	stable4download.ocmtancmi2c5t.website
Details	Domain	1	treepledeeple.fun
Details	Domain	1	orkograkula.fun
Details	Domain	1	firmpanacewap.fun
Details	Domain	1	curtainjors.fun
Details	Domain	1	starblack.fun
Details	Domain	1	2flowers-my.xyz
Details	Domain	1	adavefrees.xyz
Details	Domain	1	blockall-my.xyz
Details	Domain	1	blockspam-my.xyz
Details	Domain	1	bondappeal.xyz
Details	Domain	1	boxclod.xyz
Details	Domain	3	buyerbrand.xyz
Details	Domain	1	catfoodbio.xyz
Details	Domain	1	chocomeat.fun
Details	Domain	1	cleanvr.xyz
Details	Domain	1	cloudsnike-my.xyz
Details	Domain	1	coinflore-my.xyz
Details	Domain	1	coolworks.xyz
Details	Domain	1	coolworkss.xyz
Details	Domain	1	cosmosvr3d.xyz
Details	Domain	1	culturalevenings.xyz
Details	Domain	3	cvadrobox.xyz
Details	Domain	1	damageagio.xyz
Details	Domain	1	deeppoetry.xyz
Details	Domain	1	demanddeal.xyz
Details	Domain	1	diavellipromo-my.xyz
Details	Domain	1	dogshanter.xyz
Details	Domain	1	downloaddedattre.fun
Details	Domain	1	downloadfiles-my.xyz
Details	Domain	1	dromautocar.xyz
Details	Domain	1	dropfiles-my.xyz
Details	Domain	1	ducklingibises.fun
Details	Domain	1	ellifotolive.xyz
Details	Domain	1	glaziercarde.fun
Details	Domain	1	housegrommy.fun
Details	Domain	1	jumperstad.fun
Details	Domain	1	lackbasinmu.fun
Details	Domain	1	pearlbarleyhit.fun
Details	Domain	1	politicuseles.fun
Details	Domain	1	portlandcor.fun
Details	Domain	1	potatomeatball.fun
Details	Domain	1	pregnantflowers.fun
Details	Domain	1	rarefood.fun
Details	Domain	1	rosaryconbo.fun
Details	Domain	1	rovengold.fun
Details	Domain	1	royalpantss.fun
Details	Domain	1	satanakop.fun
Details	Domain	1	sausagerollraisin.fun
Details	Domain	1	scruffymapleflat.fun
Details	Domain	1	sendcyniaforeign.fun
Details	Domain	1	shoppervik.fun
Details	Domain	2	slimtvsocico.fun
Details	Domain	1	socialmadness.fun
Details	Domain	1	sodafountainpr.fun
Details	Domain	1	startablekor.fun
Details	Domain	1	superyupp.fun
Details	Domain	1	talkinwhitepod.fun
Details	Domain	1	tuberoseprod.fun
Details	Domain	1	valleydod.fun
Details	Domain	1	veinsmoter.fun
Details	Domain	1	waterparkedone.fun
Details	Domain	1	withdrawlecterns.fun
Details	Domain	1	wolffunny.fun
Details	Domain	1	yachtracingopt.fun
Details	IPv4	6	144.76.173.247
Details	IPv4	5	195.123.226.91
Details	IPv4	3	45.9.74.78
Details	IPv4	5	77.73.134.68
Details	IPv4	2	82.117.255.127
Details	IPv4	3	82.118.23.50
Details	IPv4	2	157.90.248.179
Details	IPv4	3	213.252.244.62
Details	IPv4	2	194.87.31.176
Details	IPv4	1	195.123.219.211
Details	IPv4	1	195.123.219.212
Details	IPv4	1	89.185.84.37