Lumma Stealer - Indicators of Compromise
Last updated: 2026-04-18
C2 Domains (200)
atomiy.cyou gooseg.cyou cucumb.cyou codbsd.cyou attrakc.cyou opsonm.cyou hidatt.cyou affimcm.cyou botcywv.cyou deternx.cyou cankgmr.cyou brechfo.cyou crapuhn.cyou cynipsq.cyou henofrl.cyou ditabop.cyou wrinkky.cyou mastojh.cyou knowale.cyou worldkt.cyou ulmudhw.shop strikql.shop pomflgf.vu mushxhb.best longmbx.click genugsq.best decrnoj.club carytui.vu holypriest.gl polecy.cyou ionicj.cyou tactip.cyou pashtu.cyou shootr.cyou navalc.cyou hexesq.cyou poxzxin.cyou test-dummy-validation-99999.com arresetrewwqo.shop certif.cyou smeltd.cyou podiat.cyou pertur.cyou lightef.cyou cerebe.cyou cheeerfulharbor.rest widdensmoywi.sbs surprql.cyou idespeh.cyou greekcs.cyou brighterlib.click centegn.cyou baggiup.cyou patrmpf.cyou florjxt.cyou yashnei.cyou slenjzj.cyou skylips.cyou evetesttech.net equilmm.click victubp.cyou praiefb.cyou horsvyz.cyou spotdvt.click mephizt.click combktt.cyou flasrta.cyou gennods.cyou undighh.cyou arnicnm.click heuchvr.click bleedminejw.buzz shitrba.click blacken.cyou cavilee.cyou equilab.cyou ossifvg.click genuscs.cyou silverhost.vg postoconel.com shrewzh.cyou japanel.cyou insuffh.cyou followw.cyou ironproe.live workltt.quest watchhr.biz thundut.biz mobbyyt.club lumpeem.quest genusne.click familbg.club egyptnf.click tt-pjipa.com murkena.cyou resolum.buzz intheme.cyou cyyounx.pics bobbysu.life mexicwc.biz brocaez.club notionz.qpon poochse.qpon blennia.qpon noxajb.top dormynwj.buzz defaulemot.run deflamep.live sterpickced.digital orangemyther.live modelshiverd.icu garagedrootz.top fostinjec.today catterjur.run castlaby.live arisechairedd.shop begindecafer.world begguinnerz.biz underlinefiue.sbs pleasurenarrowsdla.shop falseaudiencekd.shop feighminoritsjda.shop marathonbeedksow.shop justifycanddidatewd.shop richardflorespoew.shop strwawrunnygjwu.shop raiseboltskdlwpow.shop reinforcenh.shop fragnantbui.shop offensivedzvju.shop gutterydhowi.shop vozmeatillu.shop drawzhotdog.shop stogeneratmns.shop ghostreedmnu.shop varianntyfeecterd.shop understanndtytonyguw.shop relaxtionflouwerwi.shop patternapplauderw.shop messtimetabledkolvk.shop horsedwollfedrwos.shop detailbaconroollyws.shop deprivedrinkyfaiir.shop considerrycurrentyws.shop superyupp.fun curtainjors.fun retiriu.cyou fileforex.xyz effect-shake.cyou plengreg.fun kowersize.fun knittinprophec.pw howlcars.fun duhodown.fun comperssw.fun bluepablo.fun methodbojjewkl.shop superyf.click screwsj.click fivenaii.click volcanohushe.click bashfulacid.lat tentabatte.lat curverpluch.lat talkynicer.lat shapestickyr.lat manyrestro.lat slipperyloo.lat wordyfindy.lat galaxiay.world triplooqp.world holidamyup.today targett.top advennture.top sighbtseeing.shop touvrlane.bet travewlio.shop esccapewz.run marketlumpe.biz littlenotii.biz truculengisau.biz punishzement.biz grandiouseziu.biz nuttyshopr.biz spookycappy.biz fraggielek.biz spottercurvei.click halroda.cyou infhkkh.cyou phyerfs.cyou pardpew.cyou trafsyt.cyou worteof.cyou staroga.cyou bornlny.cyou friovjk.cyou amowdwt.cyou kinyqxr.cyou chamkzw.cyou pasbdyi.cyou
C2 IP Addresses (3)
104.252.175.169 94.26.106.20 193.221.201.247
Malicious URLs (50)
https://baraltransportes.com/20khgc26oiwefoibfuww.php https://versaclean.com.br/wp-content/BocAvenue.exe http://185.76.243.96/itgf/qjgd.odd http://185.76.243.96/frlb.odg https://nexoramods.net/nexora.zip https://windefender.best/?campaignid=45628&groupid=130392846921&targetid=kwd-10005570 http://178.17.58.0x31/tujg.mkv https://185.102.115.69/48e.lim http://213.111.153.40/lf7n/ihbs.odd http://213.111.153.0x28/lf7n/ihbs.odd https://anondrop.net/1408852323941224540 https://anondrop.net/1408851068389163010 https://anondrop.net/1408850362915361032 http://88.99.145.13:444/?anondrop.net_scampage https://anondrop.net/1408850668046913618 https://anondrop.net/1408851906733805629 https://anondrop.net/1408851485831336028 https://streamcache.site/balc.jpg https://t0urist.cv/CrL.ini https://www.dropbox.com/t/7YKNV6Ccksm2FD3v https://download2329.mediafire.com/3002yurx4tpgfrBLM-UDFT16u8yZv6CVhIubNpMWpAe1kHlU-QuiPrlnHheh84nrhHbOLw8MrZK5K9n10pn1iPh1ekQU35MuqgNT4jwpkuRrcQgzO4-kYf41GwhkeEt4vnj9pTnqG4TGrTg7t3wwB7pfzivEquO1WiDr24uAQ6R4QQ/9mp872akp80s4ui/L4%D0%B0nchXPr%D0%BE_Win64_%5Bv3.1.1%5D_P%D0%BErtX_x64.zip https://download2334.mediafire.com/omztunjkjrwglwYHUdOb47TJdgZoEhdNvCsN5ooze0wRn6IVOd-DynniCuJNOhpjuXiimznygygNgOJtSA-n76tge2OCmFfEXpHT1e4fN3U2kBUkbp7alcd6nLSzeXOlNrSck8ECKhxEQkwohSAoukUiy8Y_hlEOjujQICsNH0wVjg/flpp764nam459g2/GalaxyPr00j33ct2.67v.zip https://mega.nz/file/K5RyiQ4L#Qv-iCXbW-PtH-wvnQq8gRHNj75H5CvxV1ssoBFBMxRQ http://185.156.72.196/ycl https://github.com/legendary99999/legend11/releases/download/legend1/legend1.exe https://github.com/legendary99999/rgsfdgsfg/releases/download/grdfvgvsfd/Faceit.TITAN.ver.4.562.exe https://github.com/legendary99999/rdfgsdgadfg/releases/download/fadbsgfbgasb/alex12312.exe https://github.com/legendary99999/legend2/releases/download/legend2/legend2.exe https://12.innospark.cloud/vpnmcg.txt https://pub-d4469a7a24f7423989c5026116ada945.r2.dev/vpncmgr.exe https://directxapps.shop/NILdR0uHd0xf2wKhJXsaGal67PZbxnPg https://undo.sg/file.exe https://www.dropbox.com/scl/fi/xfme3jj5rgt6u5ig7he70/CapCut-Pro.rar?rlkey=ndad0985or8n5rokxmb0pz5k0&st=wcorhwhg&dl=1 https://sites.google.com/view/robloxfree2025/roblox-free-hack https://drive.google.com/file/d/11SRBeq-5b2C7gf5Z24SzNiSxCTSHONLJ/view https://app.mediafire.com/nv3tqmek5l0sy https://github.com/Fortnite-Wallhacks-2025/.github/releases/tag/files https://github.com/RaquelG18/Luna-Executor/releases https://www.transfernow.net/dl/20250411w2aAKIJy?67f972e914fe6_67f972e914fe8&sdm=1a251d0c7deda496a1d5a90a395bcc4866d974b7 https://mega.nz/folder/SQ4BWbBB#fAN-0OThrJOUdQL-8mb7TA https://www.transfernow.net/en/bld?utm_source=20250407VJA0tBzl https://mega.nz/file/rFdUmQRR#Tt2_tJ3TBN_M0D_-KLrOZkuxU72Y_c_SpNpTde5ESMY/trmr/472c53960a4c2dccd5 https://www.mediafire.com/folder/1a2yiirfpq4zo/d https://www.mediafire.com/folder/pwsem69dw0f2v/Global%D0%A1h%D0%B5%D0%B0ts https://sites.google.com/view/drcheats6 https://github.com/AkhtarAriq/krnl-latest-update/releases/tag/2025 https://g3.uueui.shop/d1196e3e1b76ca8658b7d6b95ee5a559513873ea9cdb7bbf.bmp https://zetrax.shop/firsthookup.mp3 https://a.uueui.shop/700815a50547b01b29cf3a1ca55d7a7e3058e7d911072018.html https://h1.yyoiy.shop/750413b4e6897a671bc759e04597952a0be747830189873b.xlsm
Data Sources
MalwareBazaar (abuse.ch) • ThreatFox (abuse.ch) • URLhaus (abuse.ch)