← Back to Pulse Feed
PULSE DETAIL
Endpoint detection and response (EDR) tools are widely deployed and far more capable than traditional antivirus. As a result, attackers use EDR killers to disable or bypass them. The malicious “msimg32.dll” used in Qilin ransomware attacks, which is a multi-stage infection chain targeting EDR systems. It can terminate over 300 different EDR drivers from almost every vendor in the market.
Indicators of Compromise (13)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 05aa031a007e2f51e3f48ae2ed1e1fcb | — | 2026-04-02 | |
| FileHash-MD5 | 1305e8b0f9c459d5ed85e7e474fbebb1 | — | 2026-04-02 | |
| FileHash-MD5 | 6bc8e3505d9f51368ddf323acb6abc49 | — | 2026-04-02 | |
| FileHash-MD5 | 89ee7235906f7d12737679860264feaf | — | 2026-04-02 | |
| FileHash-MD5 | cf7cad39407d8cd93135be42b6bd258f | — | 2026-04-02 | |
| FileHash-SHA1 | 01d00d3dd8bc8fd92dae9e04d0f076cb3158dc9c | — | 2026-04-02 | |
| FileHash-SHA1 | 82ed942a52cdcf120a8919730e00ba37619661a3 | — | 2026-04-02 | |
| FileHash-SHA1 | 84e2d2084fe08262c2c378a377963a1482b35ac5 | — | 2026-04-02 | |
| FileHash-SHA1 | ce1b9909cef820e5281618a7a0099a27a70643dc | — | 2026-04-02 | |
| FileHash-SHA256 | 12fcde06ddadf1b48a61b12596e6286316fd33e850687fe4153dfd9383f0a4a0 | — | 2026-04-02 | |
| FileHash-SHA256 | 16f83f056177c4ec24c7e99d01ca9d9d6713bd0497eeedb777a3ffefa99c97f0 | — | 2026-04-02 | |
| FileHash-SHA256 | 7787da25451f5538766240f4a8a2846d0a589c59391e15f188aa077e8b888497 | — | 2026-04-02 | |
| FileHash-SHA256 | bd1f381e5a3db22e88776b7873d4d2835e9a1ec620571d2b1da0c58f81c84a56 | — | 2026-04-02 |
References (1)