← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
The Pumpkin Eclipse - Lumen
WHITE text_account 2024-06-02 Modified: 2024-07-02
93
IOCs
HIGH VOLUME
The Chalubo malware, first identified in 2018, was used in a destructive attack on a single internet service provider in October 2023, Lumen Technologies’ Black Lotus Labs has confirmed.
pathbuttonspanscriptlinktemplateheader dropdowniconbuttonproductsolutionsformfootermetacodeenterprisereloadclosechalubodownloadbodyfindwritestarcopyopenmaincontactoctoberchalubo malwareddosactionteclumenlua scriptlotus labssohonovemberblacknext
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Chalubo
Indicators of Compromise (7 / 93 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 59d70e5a2b470827a750bf2ef36020aec61ae386 SHA1 of a8a2c2f82d542b0e05848d102e2f04239982b48ba7522a83dfc8b1308d7a8c12 2024-06-02
FileHash-SHA1 183fa84e35bb498efb4dfb05d2a4997cd66e2f0f 2024-06-02
FileHash-SHA1 21d9ae29551dcbe39de375bdf8ada5a47b0e2372 2024-06-02
FileHash-SHA1 27dc61dd0bb9a53799ae29c6927f38d98ccdb27b 2024-06-02
FileHash-SHA1 6c6609264e9e4b365e1bd7df187f4405a1df3f02 2024-06-02
FileHash-SHA1 851da211a48eda4fb1bb9914bc6afe2adae82da0 SHA1 of f9db9632ffd7e3bd5b700025fa9278420de0778029fe2eedb6ea7b3d7b999ef6 2024-06-02
FileHash-SHA1 adc617d5bc875d26fef3ef469e88a16079c50274 2024-06-02
References (2)
↗ https://github.com/blacklotuslabs/IOCs/blob/main/Pumpkin_Eclipse_IOCs.txt ↗ https://blog.lumen.com/the-pumpkin-eclipse/