Lumma Stealer Domain

A new lumma stealer domain: whispedwoodmoodsksl .shop

e0c5b755eb386a8ea0ab465fff797cd0 - Automated Malware Analysis Report for a0724a317d7b22163de89adbca3514cfe556b23d1b0c4e3471e9c29901bba27b_payload.exe - Generated by Joe Sandbox

259f9fd891b465ee3fe7499712cf8eeb - Automated Malware Analysis Report for 91trXZr1Ts.exe - Generated by Joe Sandbox

Nice! I’ll add this domain today.

Thanks for the share and also providing those sandbox runs.

Thanks @jt42 @bingohotdog !

@jt42

  2052787 - ET MALWARE DNS Query to Lumma Stealer Domain (whispedwoodmoodsksl .shop) 
  2052788 - ET MALWARE Observed Lumma Stealer Domain (whispedwoodmoodsksl .shop in TLS SNI)

Thanks @ishaughnessy !