CrowdStrike® Falcon® OverWatch™ is the CrowdStrike managed threat hunting . PlugX using a method that leverages InstallUtil.exe8 to bypass whitelisting. Adversary use of InstallUtil.exe to deploy PlugX implant. login.googlebills[.]net..