← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
2021 Gorgon Group APT Operation
WHITE bluewatcher 2022-01-13 Modified: 2022-02-12
92
IOCs
HIGH VOLUME
alosh/3loshagentteslahaggagorgon groupiocsstageagenttesla v3youtube channelalosh3losh ratmanaurlshashc architecturepowershellpythoninjectorgates
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
AgentTesla Alosh/3losh Hagga
Indicators of Compromise (23 / 92 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL YARA hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 0289ee3c551ba84d34ab1760d042ab420733d96dbfedfae9718f8eb138c3259b 2022-01-13
FileHash-SHA256 07ddd3412909da33d751bcf1e3ec22b82464f1dc8b11af6bc7206b5bfe19e477 2022-01-13
FileHash-SHA256 0f8d952d31e5bbbea50ef45c50f9ad0c1047fe51eb5e4340025602a7f5fc5962 2022-01-13
FileHash-SHA256 10314b0e419df11447489f46ed23232b128c91e12119a5cb1dfb8a395d6ae402 2022-01-13
FileHash-SHA256 107c8bfec5d8a4e23c429692da4204025bb77fe71ff6b56a6804f5f19dc820c1 2022-01-13
FileHash-SHA256 36966f3ff9a3540873407980a43f50afb6b826c3e3046e18992dfe7afb6191ff 2022-01-13
FileHash-SHA256 3f978ea5bfab5842d6d9c96ea4ab7b034818accfa9fe90f646e1fde7b23b087e 2022-01-13
FileHash-SHA256 45b8ec3b9809beaf5c877d12924fa6f2983e37d3b3a4e5ad31c2e469ec5dd6f7 2022-01-13
FileHash-SHA256 60a1a9a1e00a7e497cc935e4554ead3eda6ae88914e031c760f92db77c2c8ed0 2022-01-13
FileHash-SHA256 7d5757013dd5f4888b13a1eaf6b615da51b6cb9dc7568c7661857ab2a4cfc1a9 2022-01-13
FileHash-SHA256 818f304883e566aa5cce96bda31d28239ade1164518f38377d6f4d80d449bae6 2022-01-13
FileHash-SHA256 a4e0bf4310658fe98bebd2e94fee706fe52079b3f02d52700a40317d3225b09d 2022-01-13
FileHash-SHA256 aaac6d698326e6fbbcd64057fbf591ef97bf143494ede008d41ab75e5a37db5a 2022-01-13
FileHash-SHA256 ba9fe1f154b98085f694fc4eee4fe19b0337d304b1cb47633b566beced96df93 2022-01-13
FileHash-SHA256 bd630c3f79afd61a57b259f8f69593ead8f7e7bd3a6835bd9d3c4032f30dfb01 2022-01-13
FileHash-SHA256 c4723910526b6c8994e505eee03ffc51b4337a9c870b278041f8cdaee47e97bf 2022-01-13
FileHash-SHA256 cac79774c96452f034a2e3d65334f9123413932b5627d2b639ffa7b4efbf81a7 2022-01-13
FileHash-SHA256 de2cb3d281de8e1c4cd29bac18a633749da5d32013e67104579f3a9ee2bea239 2022-01-13
FileHash-SHA256 f2dbd1f8aee814c623e74b862d1f7be363a93ef6c33ef579cfe7b9b38f274f11 2022-01-13
FileHash-SHA256 520585c44a0f6fbdbaaf7c43b8291f9421b2d1006eedfcbfbf17e7e60ff87abc 2022-01-13
FileHash-SHA256 af2926ce207b2bc813c89d939aaa2b01138ddda63b46416647288d31a75bd226 2022-01-13
FileHash-SHA256 b7e3573f18d53fb1647bf056583e3e284c2acb1b7f0a2f29592db8c80076d83e 2022-01-13
FileHash-SHA256 d322164f81cf3f5c5c576a12e60be6fb27e4cc2e72085f500be81fda18272486 2022-01-13
References (1)
↗ https://guillaumeorlando.github.io/GorgonInfectionchain