Hackers Exploit CrowdStrike Issues to Attack Windows System With RemCos Malware
Security firm CrowdStrike has reported that hackers have exploited a content update for its Falcon sensor to attack Windows operating systems with RemCos malware from July 20, 2024, the first such attack in the world.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
HijackLoader
RemCos
Indicators of Compromise (40)