Pulse Detail — Threat Intelligence

PULSE NAME

The Pumpkin Eclipse - Lumen

WHITE bluenumberone 2024-05-31 Modified: 2024-06-30

IOCs

HIGH VOLUME

The Chalubo malware family was used in a destructive attack on a single internet service provider in late October 2023, Lumen Technologies’ Black Lotus Labs has revealed in an open-source report.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1195 T1199 T1140 T1055 T1102 T1104 T1016 T1070 T1218 T1495

MALWARE FAMILIES

Chalubo

Indicators of Compromise (2 / 93 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	d23dab9c57284b5457c991abe63b7cd4	MD5 of a8a2c2f82d542b0e05848d102e2f04239982b48ba7522a83dfc8b1308d7a8c12	2024-05-31
FileHash-MD5	28827aba3675e1a802bb7d8113701615	MD5 of f9db9632ffd7e3bd5b700025fa9278420de0778029fe2eedb6ea7b3d7b999ef6	2024-05-31

References (2)

↗ https://github.com/blacklotuslabs/IOCs/blob/main/Pumpkin_Eclipse_IOCs.txt ↗ https://blog.lumen.com/the-pumpkin-eclipse/