ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://curtainjors.fun/api.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1761390
IOC: http://curtainjors.fun/api
IOC Type :url
Threat Type :botnet_cc
Malware: Lumma Stealer
Malware alias:LummaC2 Stealer
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS396982 GOOGLE-CLOUD-PLATFORM
Country:- US
First seen:2026-03-08 11:25:21 UTC
Last seen:2026-03-13 12:31:32 UTC
UUID:7e3ed52a-1ae1-11f1-9af6-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:Lumma
Reference: https://bazaar.abuse.ch/sample/54eee378bc2e454bbf174cf3b93d7697964d0ea688d6e2441697b6cd3a2871af/

Avatar
abuse_ch
lumma (aka LummaC2 Stealer) botnet C2

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2026-03-09 10:05:35 54eee378bc2e454bbf174cf3b93d7697964d0ea688d6e2441697b6cd3a2871af