LetsDefend Monitoring Alert

Lumma Stealer

Mar, 13, 2025, 09:44 AM

Event ID: 316

Event Time: Mar, 13, 2025, 09:44 AM

Rule Name: SOC338 - Lumma Stealer - DLL Side-Loading via Click Fix Phishing

Alert Type: Data Leakage

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell
T1059 - Execution - Command and Scripting Interpreter
T1204 - Execution - User Execution
T1105 - Command and Control - Ingress Tool Transfer
T1574 - Persistence - Hijack Execution Flow
T1027 - Defense Evasion - Obfuscated Files or Information
T1204.001 - Execution - User Execution: Malicious Link
T1574.002 - Defense Evasion - Hijack Execution Flow: DLL Side-Loading

Severity: Critical

Security Analyst
