Phishing Attacks 28_4_2021
(1)
Sender ip |
128.199.152.121 |
From |
"sajjad@afzalmachinery.com" |
Subject |
"RE: invoice 8b00649" |
Attachment |
"invoice 8b00649.r00" |
MD5 |
f9804b80174f8b4a6f60a7df780f6874 |
SHA256 |
66278b8fcd836ebffdda546f17e3698e661a5e3e1550ea502b6a95e357036e48 |
Family |
AgentTesla |
(2)
Sender ip |
45.137.22.56 |
From |
"Tariq Bashir<Finance@acgbahamas.com>" |
Subject |
"Down payment #swift 28.04.2021" |
Attachment |
"SWIFT COPY pdf.z" |
MD5 |
59a91e78c8fb0e0fb804b1e7f2e9a98f |
SHA256 |
e07898b695f170c24a809cdc30bda776ae87abbe14f944ebb87e291582cad847 |
Family |
Unknown |
(3)
Sender ip |
51.195.135.77 |
From |
"Jenifer" <jennifer@dragontech-group.com> |
Subject |
"Invoice" |
Attachment |
"Invoice.zip" |
MD5 |
d3e5f802575eee446522f2341403d307 |
SHA256 |
1397eab0270289529612e24e011c24bfdcff9b8a3ea2d58ea995f94a3a9cb730 |
Family |
AgentTesla |
(4)
Sender ip |
185.222.58.152 |
From |
"Account" <inginer@ecolux.md> |
Subject |
"Statement of account" |
Attachment |
"SOA.zip" |
MD5 |
b5155ad7c3debabeece655d1852095c4 |
SHA256 |
90c1d680a867af042eaf60ba32ab1a651ee270a3fbad7cf806681d6b74138d33 |
Family |
AgentTesla |
(5)
Sender ip |
185.222.58.152 |
From |
"Account" <inginer@ecolux.md> |
Subject |
"Statement of account" |
Attachment |
"SOA.zip" |
MD5 |
b5155ad7c3debabeece655d1852095c4 |
SHA256 |
90c1d680a867af042eaf60ba32ab1a651ee270a3fbad7cf806681d6b74138d33 |
Family |
AgentTesla |
(6)
Sender ip |
199.10.31.238 |
From |
"ross.kohlbeck@amerhart.com" |
Subject |
"Re: RE: Request For PI" |
Attachment |
"Order Items.gz" |
MD5 |
efd35f97c09fdcc7cc4114fab49a87b9 |
SHA256 |
40cec6cc82800698e57005753fa5bc7a379a64b3a3ed15efc6ad357604edd7ea |
Family |
AgentTesla |
(7)
Sender ip |
185.222.57.216 |
From |
"accounts@ccmarine.in" |
Subject |
"Re-Confirm Attached Invoice For Payment Process" |
Attachment |
"Invoice 01859.rar" |
MD5 |
18b44f77e1e7745e9fd83d75ad01df91 |
SHA256 |
0edb8c8d9ff0709677aca64cc723b82302d244cfb9dc69129674aa417d495321 |
Family |
AgentTesla |
(8)
Sender ip |
103.138.109.241 |
From |
"COSCO SHIPPING TANKER(Singapore) PteLtd <ops@csdvlp.com.sg>" |
Subject |
"M/T. YUAN JU WAN EPDA AND PORT INFO REQUEST " |
Attachment |
"VESSEL PARTICULARS.zip" |
MD5 |
17da9c9f6617334b1934dc9527a3b071 |
SHA256 |
1730da6bbda8300eca3cc4ebd072fbeba77dc964e86af7c672dd02f4034dcc74 |
Family |
Unknown |
(9)
Sender ip |
185.222.57.157 |
From |
"shafiqhanif.hy@gmail.com" |
Subject |
"RE: Attached copy of proof of payment" |
Attachment |
"payment copy.r00" |
MD5 |
8103c13763cf6ade83af5f3de3dfe681 |
SHA256 |
1fe457032d45f8a27c6aaf4470e9eeeff496faa45045600c2007b6e3197bf51c |
Family |
AgentTesla |
(10)
Sender ip |
199.10.31.237 |
From |
"purchase.pmgroup@mail.ru" |
Subject |
"Re: RE: April Inquire Order" |
Attachment |
"Order specs No12.gz" |
MD5 |
c510d141ee0d9e9cdc5a7a3c9c514ed4 |
SHA256 |
17fe063619c08c97dd6ebaa9e4e47df51852a2873e2a13f0260620add41b34d4 |
Family |
AgentTesla |
(11)
Sender ip |
185.222.57.216 |
From |
"trend@latrendexports.com" |
Subject |
"PAYMENT ADVICE FOR OUTSTANDING SOA," |
Attachment |
"payment advice 0264.rar" |
MD5 |
c2edb5f467db0ac0bf4b40307e36e066 |
SHA256 |
8deaa8789f9392ce4fbab6cfbb6598d5c4cd075012b396827103b00958490c9a |
Family |
AgentTesla |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA