Lumma Stealer campaign attacks developers on GitHub
Tags
country: Russia
attack-pattern: Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 7f8c6021-d718-4740-9607-0fea3bbbb4bf
Fingerprint 8423c112b384f89
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 19, 2024, 6:43 p.m.
Added to db Sept. 19, 2024, 9:08 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Lumma Stealer campaign attacks developers on GitHub
Title Lumma Stealer campaign attacks developers on GitHub
Detected Hints/Tags/Attributes 23/2/12
Source URLs
Redirection Url
Details Source https://lypd0.medium.com/lumma-stealer-delivered-through-github-issues-5479be5e2d18?source=rss------malware-5
URL Provider
Details Provider Source level domain
Details medium.com lypd0.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 15 
github-scanner.com
Details Domain 2 
modalbg.style
Details Domain 2 
tmptxtarea.select
Details Domain 339 
system.net
Details Domain 911 
any.run
Details File 1208 
powershell.exe
Details File 10 
download.txt
Details File 31 
document.exe
Details File 10 
l6e.exe
Details File 8 
syssetup.exe
Details Url 2 
https://github-scanner.com/download.txt').content
Details Url 2 
https://github-scanner.com/l6e.exe