NetDefend IPS
IPS Advisories
NetDefend
Anti-Virus
Anti-Virus Advisories
NetDefend Web Content Filtering
NetDefend IP Reputation
NetDefend Update Center
IPS History
Oct 17, 2024
Oct 09, 2024
Oct 04, 2024
Oct 03, 2024
Sep 25, 2024
Anti-Virus History
Feb 12, 2022
Jan 06, 2022
Oct 23, 2021
Aug 29, 2021
Aug 23, 2021







Home > NetDefend Live > NetDefend IPS Service
NetDefend IPS Service
Print
Advisory ID
48789
Name
MALWARE.FILE.DOWNLOADER.THROUGH.DLL.LOADS.LUMMA.STEALER.G
IPS Signature
Advanced IPS Signature
IPS Group
IPS / MALWARE / GENERAL
Issued
Sep 25, 2024
Description
The infection chain begins with the download of a zip archive, potentially through malvertisements or popup windows, which contains an MSI file that installs and runs a file downloader. The file downloader is side-loaded with a malicious DLL, which then retrieves and runs an EXE for Lumma Stealer. Additionally, the file downloader also retrieves and runs an additional info stealer that communicates with the C2 domain gzipdot.com.
Enter your details in the box below to receive an email each time we post a new issue of our newsletter.







Dec 01, 2024