← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
RomCom exploits Firefox and Windows zero days in the wild
WHITE RomCom tr2222200 2024-12-10 Modified: 2024-12-27
10
IOCs
LOW VOLUME
sandbox-escapefirefoxromcom backdoorwindowsbackdoorprivilege-escalation
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
RomCom backdoor
Indicators of Compromise (10)
All FileHash-SHA1 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 abb54c4751f97a9fc1c9598fed1ec9fb9e6b1db6 2024-12-10
URL https://journalctd.live/JfWb4OrQPLh 2024-12-10
domain 1drv.us 2024-12-10
domain correctiv.sbs 2024-12-10
domain cwise.store 2024-12-10
domain devolredir.com 2024-12-10
domain journalctd.live 2024-12-10
domain redirconnectwise.cloud 2024-12-10
domain redircorrectiv.com 2024-12-10
domain redjournal.cloud 2024-12-10
References (1)
↗ https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/