← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Spoofed Saudi Purchase Order Drops GuLoader
WHITE AlienVault 2022-05-23 Modified: 2022-05-23
8
IOCs
LOW VOLUME
A phishing e-mail that appears to come from an oil company in Saudi Arabia is the latest example of a tactic used by cyber-thieves to target victims of the GuLoader malware.
agent teslalokibotphishingsocial engineeringguloader
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Lokibot Agent Tesla
Indicators of Compromise (1 / 8 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain email
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 c012417c6e5d2210fbe0bc36a79d577b MD5 of 14d52119459ef12be3a2f9a3a6578ee3255580f679b1b54de0990b6ba403b0fe 2022-05-23
References (1)
↗ https://www.fortinet.com/blog/threat-research/spoofed-saudi-purchase-order-drops-guloader