Phishing Attacks 9_4_2021
(1)
Sender ip |
198.251.79.161 |
From |
ANTONIO ARROYO <antonio.arroyo@corcimex.com> |
Subject |
"RE: pago vencido de febrero y marzo#" |
Attachment |
factura y datos bancarios.PDF.gz |
MD5 |
f15b5a7477de1c76c07bfb663a18b9ea |
SHA256 |
d1b60d42905403b55d38925a4a763f0d6a276398d7e64708bb7620ef87be755e |
Family |
Unknown |
(2)
Sender ip |
185.222.57.157 |
From |
pragun@sge.com.np |
Subject |
RE:Payment advice for SN 951606 |
Attachment |
HSBc20210216B1.r15 |
MD5 |
ce0ade3f4ac1896aa4b3bf4e594425df |
SHA256 |
1e73928f0ecf5a51d63a652b61cbedf07b833a2d4a492084da22443cee7bf960 |
Family |
AgentTesla |
(3)
Sender ip |
45.133.1.7 |
From |
=?UTF-8?B?VGluYcKgV3U=?= <ttiknas@toprak.com.tr> |
Subject |
ORDER INQUIRY--2021-09_HG546092227865431209" |
Attachment |
"HG546092227865431209.zip" |
MD5 |
7697979445b8646a53643e2350199e6a |
SHA256 |
be7889543fa07986da573244f8f49a8efae08f00de973b6db391a70c13d506e0 |
Family |
Formbook |
(4)
Sender ip |
147.135.107.116 |
From |
<sales@duprexoffshore.com> |
Subject |
Payment/Shipment Schedule |
Attachment |
SHIPMENT SCHEDULE 1.rar" |
MD5 |
f2e91f93f7aa90f7b8986ce2024f2a15 |
SHA256 |
877c6b29274ce79bc4822483496d1738bd7c2874ae1dc5b8413607c9b803284f |
Family |
Formbook |
(5)
Sender ip |
45.137.22.138 |
From |
Roy Asghar <saslam@pseb.org.pk> |
Subject |
=?UTF-8?B?UmU6IOWbnuWkje+8mlB1cmNoYXNlIE9yZGVy?= |
Attachment |
Purchase Order.gz |
MD5 |
0d40d197829a01905bbb2146249ea312 |
SHA256 |
1143cfbb509c601ee50b6be91a17576f8f500efe37ce10e35d7101ab54044a9d |
Family |
Formbook |
(6)
Sender ip |
185.222.57.90 |
From |
Vimal Chauhan <sales@grannysspices.in> |
Subject |
Fwd: GS_ PO NO.186/2021 |
Attachment |
GS_ PO NO.1862021.zip |
MD5 |
3a248b62db6f0410505ecd8ea5ef782c |
SHA256 |
756a11d9c48d7f6a4cae072e41f3a1c7ad82ad305863177339d1a9532d2a9916 |
Family |
AgentTesla |
(7)
Sender ip |
46.183.220.67 |
From |
sales<sale.sg@bruker.com |
Subject |
#2345#Quotation for items list from bruker singapore Agents |
Attachment |
PO#12456_FROM YHI (VIETNAM) CO., LTD#.tar.gz |
MD5 |
43945fd1772dbb787dfb5ae77c32b3d4 |
SHA256 |
ff6ac57f7c624342de64f7e46dfceb2a2e0068a719c06cda45a6d6a7964253ed |
Family |
Unknown |
(8)
Sender ip |
147.135.107.116 |
From |
<info@raamtel.in> |
Subject |
Sales Invoice |
Attachment |
Sales Invoice NO CN 6739.ra |
MD5 |
a7061eb99c3f71c5065d73cb76988be1 |
SHA256 |
0a1d12cfd7f3a2bda8aa6b6ba3311aada3eb5e4b5341b272977a7857f3d399fd |
Family |
Formbook |
(9)
Sender ip |
103.99.1.146 |
From |
WANG Michelle <TPE.MWENG@cma-cgm.com> |
Subject |
RE: (松進) 04/01 - BL-1只超重櫃 - CMA CGM SHIPMENT V. 0PP93E1MA - CNTR#GLDU7267089 |
Attachment |
CNTR-NO-GLDU7267089.zip |
MD5 |
0ea5f63aed741c625376926f7e5aeffc |
SHA256 |
5ba347c6b668220025390cf668a425c48129ff96d548f62b19a6db1932eeec16 |
Family |
Formbook |
(10)
Sender ip |
146.66.121.65 |
From |
Rediff | KYC | Billing <rediff011@gmail.com> |
Subject |
Your request has been processed! |50900032022| |
Attachment |
BILL - APRIL KYC.xlsx |
MD5 |
41c32e1f631c5df43d53272afa7366f5 |
SHA256 |
efd483306bfd25e18255bb639b5cc577b67fa15dbd50cd16cb9edb31fccb42c4 |
Family |
AgentTesla |
(11)
Sender ip |
45.144.225.201 |
From |
Michael Han" <sales12@ceaworld.com> |
Subject |
RE: Proforma Invoice No. AD1-2001028L, Packing List and Commercial Invoice for Urgent Shipment |
Attachment |
Shipping Documents.ace |
MD5 |
4395c82903e0ae06dcfeed6a5a93c484 |
SHA256 |
7ae6bb161b226f96118ed466ba318bb5b63f18a02195daebdf45be3b551cd504 |
Family |
AgentTesla |
(12)
Sender ip |
187.217.245.25 |
From |
Ideal Glass & Aluminium Works Sdn. Bhd.<emma.linderothh@dhl.com> |
Subject |
Purchase Order (Ref. IGA/PO/17493) |
Attachment |
Ref. PDF IGAPO17493.r07 |
MD5 |
867f5ff212f0698e76cab9f9152731f9 |
SHA256 |
9664c1d1ad01ca49f8cbad4d2551013683fd2e267b16351068bd9c750a4dcb78 |
Family |
Formbook |
Family |
AgentTesla |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA