Pulse Detail — Threat Intelligence

PULSE NAME

The Pumpkin Eclipse - Lumen

WHITE Tr1sa111 2024-06-25 Modified: 2024-07-04

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1195 T1199 T1140 T1055 T1102 T1104 T1016 T1070 T1218 T1495

MALWARE FAMILIES

Chalubo

Indicators of Compromise (76)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	d23dab9c57284b5457c991abe63b7cd4	MD5 of a8a2c2f82d542b0e05848d102e2f04239982b48ba7522a83dfc8b1308d7a8c12	2024-06-25
FileHash-SHA1	59d70e5a2b470827a750bf2ef36020aec61ae386	SHA1 of a8a2c2f82d542b0e05848d102e2f04239982b48ba7522a83dfc8b1308d7a8c12	2024-06-25
FileHash-SHA256	a8a2c2f82d542b0e05848d102e2f04239982b48ba7522a83dfc8b1308d7a8c12	—	2024-06-25
FileHash-MD5	28827aba3675e1a802bb7d8113701615	MD5 of f9db9632ffd7e3bd5b700025fa9278420de0778029fe2eedb6ea7b3d7b999ef6	2024-06-25
FileHash-SHA1	183fa84e35bb498efb4dfb05d2a4997cd66e2f0f	—	2024-06-25
FileHash-SHA1	21d9ae29551dcbe39de375bdf8ada5a47b0e2372	—	2024-06-25
FileHash-SHA1	27dc61dd0bb9a53799ae29c6927f38d98ccdb27b	—	2024-06-25
FileHash-SHA1	6c6609264e9e4b365e1bd7df187f4405a1df3f02	—	2024-06-25
FileHash-SHA1	851da211a48eda4fb1bb9914bc6afe2adae82da0	SHA1 of f9db9632ffd7e3bd5b700025fa9278420de0778029fe2eedb6ea7b3d7b999ef6	2024-06-25
FileHash-SHA256	00550d5c2ed14a445ae13cff8eff32ba7a7dd502d145481bcd18161cf1df540d	—	2024-06-25
FileHash-SHA256	0c7c6926e854aac4dc4821be07f826157b576d0a217d74d5675d7b32eb78b50e	—	2024-06-25
FileHash-SHA256	117bd27a209d6350b10f5c8f8cf841755c253276460be8c7681f5357e07d2e0c	—	2024-06-25
FileHash-SHA256	2a65fdd8c44a6b7191c09702d9f747471564346c465a42b9abbb4dfa1bc5f7fb	—	2024-06-25
FileHash-SHA256	49c04e56dfb17ac16acddfcf9eff7ae82d70294a8ec70b6365ab43a07441badd	—	2024-06-25
FileHash-SHA256	5621cdb8d07900a333d022a9696c1a6f7e45d6cfc713558c462a3ace7c4b426f	—	2024-06-25
FileHash-SHA256	59437e986acd685ad3ce48bf010efff22aa866c0fa066b0e64e510ecb026dd1a	—	2024-06-25
FileHash-SHA256	5b7874b18e8365e07624946a33518988aea4c72478a285a36047b4ba554a7576	—	2024-06-25
FileHash-SHA256	5b9405418b654c9418e514ae3420c72af58d418adefca43644bf2bf14d89cc5a	—	2024-06-25
FileHash-SHA256	5fc8534d490312823a49e2a13afc8a7b6b026280c79db704465fddd8a1fdc376	—	2024-06-25
FileHash-SHA256	619564061e62a6352f0ce1a06d2883d46eb69df16322b30e8a2a9c65e2d32f5f	—	2024-06-25
FileHash-SHA256	6be5b4bc461f1ba931bfe773df66bf5f8052626adbdf2b1156a06d0da2d8d3d1	—	2024-06-25
FileHash-SHA256	7a81bbb1f7055cd3f30db8bb2a104b969914ccd520cf85c24b25ba5b0c720206	—	2024-06-25
FileHash-SHA256	8639bbb3ffe5fa51334c6ab4d45ae1647a29a97f061a9456991333ab166b52fd	—	2024-06-25
FileHash-SHA256	8f4b61975539dbfe903f448636a48168351018801f2581a63d97179c37cad979	—	2024-06-25
FileHash-SHA256	967289406b0da030a93cefaa2644b109260565f5f767b95ce2a5d96d49c57bf2	—	2024-06-25
FileHash-SHA256	9b929bcc182c39540767a9b8237a8436c82997c68d4d2ba710241387c39c27f5	—	2024-06-25
FileHash-SHA256	b2e2193e49ee1240be30f5040dbb5e2c973cdfb02c3ea88ef4ffeda884de28c2	—	2024-06-25
FileHash-SHA256	b5fc0c265eb192b2a2d778e66d6f076e876eeacf57c3927e406b4e1b72152038	—	2024-06-25
FileHash-SHA256	bdef8e089ffa00794f40f14ad3cdb8f1629241a4ac313bef8fe3d38e08207e4c	—	2024-06-25
FileHash-SHA256	d0643c777b0b24ca747f7dc79d3bdfbc04d3095ded760e6a54fa62bfa6945df3	—	2024-06-25
FileHash-SHA256	d6778d5ad096516b881bbf2aca2d790b5217dfb83bb256e3f9d710056c9b512a	—	2024-06-25
FileHash-SHA256	d9322af52b941e76bec3d2596a1c1be47dffc4fb161656da2c7c45b3d492cfd8	—	2024-06-25
FileHash-SHA256	e5030083c101058f52394820420a372bf93bcac2d802902d4d4c91470c96b608	—	2024-06-25
FileHash-SHA256	ed9511c16229f4bb41f461e90fff7964e79f2c2d27e7de2b107e4d003e9e0def	—	2024-06-25
FileHash-SHA256	f5894f0cc7d9da2f188b740bb0596206038d9dba430c7d2a145d7454d9f1b4db	—	2024-06-25
FileHash-SHA256	f9db9632ffd7e3bd5b700025fa9278420de0778029fe2eedb6ea7b3d7b999ef6	—	2024-06-25
URL	http://185.189.240.13:8080/E2XRIEGSOAPU3Z5Q8	—	2024-06-25
URL	http://185.189.240.13:8080/E2XRIEGSOAPU3Z5Q8/res.dat	—	2024-06-25
URL	http://194.36.190.99:38291/as/crtarm3	—	2024-06-25
URL	http://2.59.222.97/dldsc522dsdasd/res.dat	—	2024-06-25
URL	http://91.211.88.225:8080/SASBCKXOWYALLCZXF	—	2024-06-25
URL	http://91.211.88.6:8080/ASUHALUMNABTC	—	2024-06-25
URL	http://ammhdfgygb.com/dldsc522dsdasd/res.dat	—	2024-06-25
URL	http://coreconf.net:8080/E2XRIEGSOAPU3Z5Q8	—	2024-06-25
URL	http://coreconf.net:8080/E2XRIEGSOAPU3Z5Q8/mips	—	2024-06-25
URL	http://nihiosuxnmo.com:8080/SASBCKXOWYALLCZXF	—	2024-06-25
URL	http://sainnguatc.com:8080/ASUHALUMNABTC	b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793	2024-06-25
URL	http://sainnguatc.com:8080/ASUHALUMNABTC/res.dat	—	2024-06-25
URL	http://secu100.com/23652xxxxx000008skcai/res.dat	—	2024-06-25
URL	http://xmsecu.io/00030674uucyttsikk/res.dat	—	2024-06-25
URL	http://xmsecu.io/00030678bbgstrjs/res.dat	—	2024-06-25
URL	http://xmsecu.io/c638020vkklkjjiu/res.dat	—	2024-06-25
URL	http://xmsecu.net/00030695mcksiqq/res.dat	—	2024-06-25
URL	http://xmsecu100.net/23652xxxxx000008skcai/res.dat	—	2024-06-25
URL	https://cu6s.com	—	2024-06-25
URL	https://dh.id3cqcmgjcb.top	—	2024-06-25
URL	https://m.aiguoba.com	—	2024-06-25
URL	https://m.isanyin.com	—	2024-06-25
URL	https://mh.55dmh.com	—	2024-06-25
URL	https://www.v5002.cn	—	2024-06-25
domain	ammhdfgygb.com	—	2024-06-25
domain	coreconf.net	—	2024-06-25
domain	cu6s.com	—	2024-06-25
domain	nihiosuxnmo.com	—	2024-06-25
domain	sainnguatc.com	—	2024-06-25
domain	secu100.com	—	2024-06-25
domain	xmsecu.io	—	2024-06-25
domain	xmsecu.net	—	2024-06-25
domain	xmsecu100.net	—	2024-06-25
hostname	axon-stall.riddlecamera.net	—	2024-06-25
hostname	dh.id3cqcmgjcb.top	—	2024-06-25
hostname	lighten.medyamol.com	—	2024-06-25
hostname	m.aiguoba.com	—	2024-06-25
hostname	m.isanyin.com	—	2024-06-25
hostname	mh.55dmh.com	—	2024-06-25
hostname	www.v5002.cn	—	2024-06-25

References (1)

↗ https://blog.lumen.com/the-pumpkin-eclipse/