2025-08-15 (FRIDAY): LUMMA STEALER INFECTION WITH SECTOP RAT (ARECHCLIENT2)

NOTES:

• Zip files are password-protected.  Of note, this site has a new password scheme.  For the password, see the "about" page of this website.

REFERENCES:

• https://www.linkedin.com/posts/unit42_lummastealer-sectoprat-arechclient2-activity-7362242961708863490-_Czu/
• https://x.com/Unit42_Intel/status/1956477339199472102
• https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-08-15-IOCs-for-Lumma-Stealer-infection-with-Sectop-RAT.txt

ASSOCIATED FILES:

• 2025-08-15-IOCs-for-Lumma-Stealer-infection-with-Sectop-RAT.txt.zip   3.7 kB   (3,732 bytes)
• 2025-08-15-Lumma-Stealer-infection-with-Sectop-RAT.pcap.zip   22.1 MB   (22,115,013 bytes)
• 2025-08-15-malware-from-Lumma-Stealer-with-SectopRAT-infection.zip   20.5 MB   (20,499,729 bytes)

 

Click here to return to the main page.