Pulse Detail — Threat Intelligence

PULSE NAME

Phishing and Malware URLs Exploiting Recent CrowdStrike Incident

WHITE Superpro 2024-07-20 Modified: 2024-08-19

IOCs

MEDIUM VOLUME

Here is the full text of the HijackLoader, which has been used by hackers to launch the attack on the UK's largest online market, Crowdstrike, in the wake of last week's attack.

domain sha256 domain na et ja3 hash tls connection threats open suricata snort alert rule remcos trojan

Indicators of Compromise (6 / 37 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-SHA1	2a2ecbbd4840c486b3507a18307369336ec5a1aa	SHA1 of 5ae3838d77c2102766538f783d0a4b4205e7d2cdba4e0ad2ab332dc8ab32fea9	2024-07-20
FileHash-SHA1	3d5336c676d3dd94500d0d2fe853b9de457f10fd	SHA1 of 835f1141ece59c36b18e76927572d229136aeb12eff44cb4ba98d7808257c299	2024-07-20
FileHash-SHA1	889b4f487d8bba6af6ff6eb7f5afd74957586c49	SHA1 of d6d5ff8e9dc6d2b195a6715280c2f1ba471048a7ce68d256040672b801fda0ea	2024-07-20
FileHash-SHA1	a9becb85b181c37ee5a940e149754c1912a901f1	SHA1 of 02f37a8e3d1790ac90c04bc50de73cd1a93e27caf833a1e1211b9cc6294ecee5	2024-07-20
FileHash-SHA1	f39343933ff3fc7934814d6d3b7b098bc92540a0	SHA1 of 52019f47f96ca868fa4e747c3b99cba1b7aa57317bf8ebf9fcbf09aa576fe006	2024-07-20
FileHash-SHA1	fd73f3561d0cebe341a6c380681fb08841fa5ce6	SHA1 of 2bdf023c439010ce0a786ec75d943a80a8f01363712bbf69afc29d3e2b5306ed	2024-07-20