Posts

Phishing Attacks 30_7_2021

If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course.

(1)
Sender ip: 202.55.132.5
From: "Julie Han" <FRANK.LUPU@lupufinancial.com>"
Subject: "RE: Invoice & Packing list For Sea Shipment"
Attachment: "Invoice & Packing list For Sea Shipment.iso"
MD5: cfe950b674ca05aa5724f225095fc8a4
SHA256: 246909611827ef01c98ced2c15a219bad01d7011a67a73951471733ea1daa134
Family: Formbook

(2)
Sender ip: 45.137.22.57
From: "Mark Andrew <sales@csl-group.com>"
Subject: "VM Accord, ORDER: TKHA-A88160011B"
Attachment: "VM Accord, ORDER TKHA-A88160011B.pdf.zip"
MD5: 392fa485723aa7918db7b3101d

IOCs 29_7_2021

(1)
File Name: SAFRBRSPXXX-ENV Pagamento.Pdf.exe
Created process: SAFRBRSPXXX-ENV Pagamento.Pdf.exe
Connected (Ip/Dns): www[.]papablogzzi[.]com/obow/?KtcDut2=1VrCfiMx9p5ilus1TKROIrvj1VUTHlogM2S5omFL77mydScixv3AVTUEdixyJGdTuRhrUQ==&mz7xU=zZOP1n18Ez
MD5: c30080b7ad906899fade216c014222b4
SHA256: 6d1b20a3efb84a54e22da5d00f24f03b213ecf73cf429409c46b1f20bf5e8ec5
Family: Formbook

(2)
File Name: Payment_Advice.exe
Created process: Payment_Advice.exe
Connected (Ip/Dns): www[.]missabrams[.]com/uecu/?Y2sDANL=hAxtKVsn7YW+SKLSlnZYg9LAm42i0C2ytoRTsev/1QRgxVgbjhx6TAAmqGBroVCT3nU8Cg==&BRC=UTplG6hPL8ohP
MD5: 0c90a502cf1d5e66b289b82a22fc1693
SHA256: 12d89c6e8e3ef2ec6ae4fda7dce291a2418a51daa9eba44a583ced847c9e4e42
Family: Formbook