IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Threat Actors are Exploiting the Recent CrowdStrike Outage in an Effort to Deploy Malware and to Stage eCrime Operations

DATE : 2024-07-24T00:01:00
SOURCE : securonix.com

FILE_HASH_SHA256:
4f450abaa4daf72d974a830b16f91deed77ba62412804dca41a6d42a7d8b6fd0
d6d5ff8e9dc6d2b195a6715280c2f1ba471048a7ce68d256040672b801fda0ea
02f37a8e3d1790ac90c04bc50de73cd1a93e27caf833a1e1211b9cc6294ecee5
6010e2147a0f51a7bfa2f942a5a9eaad9a294f463f717963b486ed3f53d305c2
835f1141ece59c36b18e76927572d229136aeb12eff44cb4ba98d7808257c299
c44506fe6e1ede5a104008755abf5b6ace51f1a84ad656a2dccc7f2c39c0eca2
931308cfe733376e19d6cd2401e27f8b2945cec0b9c696aebe7029ea76d45bf6
52019f47f96ca868fa4e747c3b99cba1b7aa57317bf8ebf9fcbf09aa576fe006
48a3398bbbf24ecd64c27cb2a31e69a6b60e9a69f33fe191bcf5fddbabd9e184
be074196291ccf74b3c4c8bd292f92da99ec37a25dc8af651bd0ba3f0d020349
b1fcb0339b9ef4860bb1ed1e5ba0e148321be64696af64f3b1643d1311028cb3
2bdf023c439010ce0a786ec75d943a80a8f01363712bbf69afc29d3e2b5306ed
b6f321a48812dc922b26953020c9a60949ec429a921033cfaf1e9f7d088ee628
5ae3838d77c2102766538f783d0a4b4205e7d2cdba4e0ad2ab332dc8ab32fea9
C44506FE6E1EDE5A104008755ABF5B6ACE51F1A84AD656A2DCCC7F2C39C0ECA2
5AE3838D77C2102766538F783D0A4B4205E7D2CDBA4E0AD2AB332DC8AB32FEA9
4F450ABAA4DAF72D974A830B16F91DEED77BA62412804DCA41A6D42A7D8B6FD0
52019F47F96CA868FA4E747C3B99CBA1B7AA57317BF8EBF9FCBF09AA576FE006
835F1141ECE59C36B18E76927572D229136AEB12EFF44CB4BA98D7808257C299
B1FCB0339B9EF4860BB1ED1E5BA0E148321BE64696AF64F3B1643D1311028CB3
B6F321A48812DC922B26953020C9A60949EC429A921033CFAF1E9F7D088EE628
6010E2147A0F51A7BFA2F942A5A9EAAD9A294F463F717963B486ED3F53D305C2
931308CFE733376E19D6CD2401E27F8B2945CEC0B9C696AEBE7029EA76D45BF6
BE074196291CCF74B3C4C8BD292F92DA99EC37A25DC8AF651BD0BA3F0D020349
48A3398BBBF24ECD64C27CB2A31E69A6B60E9A69F33FE191BCF5FDDBABD9E184

Domain:
crowdstrikedoomsday.com
winsstrike.com
crowdstrikecommuication.app
fix-crowdstrike-bsod.com
crowdstrikedown.site
crowdstrikeoopsie.com
crowdstrikebsodfix.blob.core.windows.net
crowdfalcon-immed-update.com
supportportal.crowdstrike.com
bsodsm8rlixamzgjedu.com
crowdstrike0day.com
crowdstrikefail.com
crowdstrikehealthcare.com
crowdstrike-falcon.online
clownstrike.co.uk
crowdstrike.woccpa.com
crowdstrike-bsod.com
crowdstrikebug.com
microsoftcrowdstrike.com
crowdstrikebluescreen.com
crowdstrikeupdate.com
crowdstrikeoutage.com
crowdstriketoken.com
crowdstrikerecovery1.blob.core.windows.net
crowdstrikedown.com
crowdstrikeoutage.info
crowdstrike.okta.com
crowdstrikeclaim.com
supportfalconcrowdstrikel.com
crowdstrike.orora.group
crowdstrike-helpdesk.com
crashstrike.com
isitcrowdstrike.com
fix-crowdstrike-apocalypse.com
crowdstrikefix.com
crowdstrike.phpartners.org
crowdstrikebsod.com
crowdstrikeodayl.com
whatiscrowdstrike.com
crowdstuck.org
crowdstrikeblueteam.com
crowdstrikereport.com
iscrowdstrikefixed.com
iscrowdstrikestilldown.com
crowdstruck.us
howtofixcrowdstrikeissue.com
fix-crowdstrike.com
crowdstrikeswag.com
spain.crowdstrikebenefits.com
us.crowdstrikebenefits.com
japan.crowdstrikebenefits.com
pay.crowdstrikecure.com
pay.crowdstrife.com
pay.crowdstrikerecovery.com
interpol.int
crowdstrike.com
kroll.com
cyble.com

Url:
https://www.interpol.int/en/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19
https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hu
https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports/q1-2024-threat-landscape-report-insider-threat-phishing-evolve-under-ai
https://www.crowdstrike.com/blog/falcon-sensor-issue-use-to-target-crowdstrike-customer
https://cyble.com/blog/threat-actors-exploit-recent-crowdstrike-outage-to-ramp-up-suspicious-domain-creatio
https://www.crowdstrike.com/blog/likely-ecrime-actor-capitalizing-on-falcon-sensor-issue