Kaspersky crimeware report: ASMCrypt, Lumma and Zanubis
Tags
cmtmf-attack-pattern: Masquerading
country: Spain Peru
attack-pattern: Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Server - T1583.004 Server - T1584.004 Masquerading - T1036 Masquerading
Show in Graph
Common Information
Type Value
UUID 60061a54-76a1-4221-ab31-aac2aa856ff9
Fingerprint ac149d018eb90ec3
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 28, 2023, 8 a.m.
Added to db Oct. 22, 2023, 10:40 p.m.
Last updated Nov. 11, 2024, 1:27 a.m.
Headline A cryptor, a stealer and a banking trojan
Title Kaspersky crimeware report: ASMCrypt, Lumma and Zanubis
Detected Hints/Tags/Attributes 59/3/18
Source URLs
Redirection Url
Details Source https://securelist.com/crimeware-report-asmcrypt-loader-lumma-stealer-zanubis-banker/110512/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 223 Securelist https://securelist.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 338 
kaspersky.com
Details Domain 52 
socket.io
Details Email 28 
crimewareintel@kaspersky.com
Details File 95 
pdf.exe
Details File 2 
socket.php
Details md5 2 
6b4c224c16e852bdc7ed2001597cde9d
Details md5 2 
844ab1b8a2db0242a20a6f3bbceedf6b
Details md5 3 
a09daf5791d8fd4b5843cd38ae37cf97
Details md5 4 
5aac51312dfd99bf4e88be482f734c79
Details md5 2 
d1f506b59908e3389c83a3a8e8da3276
Details md5 2 
c2a9151e0e9f4175e555cf90300b45c9
Details md5 2 
054061a4f0c37b0b353580f644eac554
Details md5 2 
a518eff78ae5a529dc044ed4bbd3c360
Details md5 2 
41d72de9df70205289c9ae8f3b4f0bcb
Details md5 2 
9b00a65f117756134fdb9f6ba4cef61d
Details md5 2 
8d99c2b7cf55cac1ba0035ae265c1ac5
Details md5 2 
248b2b76b5fb6e35c2d0a8657e080759
Details md5 2 
a2c115d38b500c5dfd80d6208368ff55