IDP Signatures

79558 MALWARE.FILE.DOWNLOADER.THROUGH.DLL.LOADS.LUMMA.STEALER.C

Signature Id 79558
Name MALWARE.FILE.DOWNLOADER.THROUGH.DLL.LOADS.LUMMA.STEALER.C
Group IPS MALWARE GENERAL
Issued 2024-09-25
Last Updated 2024-09-25
Description The infection chain begins with the download of a zip archive, potentially delivered through malvertisements or popup windows. The archive contains an MSI file that installs and runs a file downloader. The file downloader is side-loaded with a malicious DLL, which then retrieves and runs an EXE for Lumma Stealer. The file downloader also retrieves and runs an additional info stealer that communicates with the C2 domain gzipdot.com.