Phishing Attacks 8_5_2021

 




(1)

Sender ip

45.137.22.41

From

"JENNIFER <Sales@agsflow.com.sg>"

Subject

"RE : RFQ-AGS21277"

Attachment

"RFQ-AGS21277_pdf.lzh"

MD5

ca0d509b6ed3098e589ef16fc8e900b1

SHA256

e47e486c7a41e027316eb01cf4b9a93f847933566e84ae178eaa99d5accc4d7e

Family

Loki

 


(2)

Sender ip

103.139.44.91

From

"Hong Lam <boris.zhang@sailuntire.com>"

Subject

"SWIFT COPY FOR ADVANCE PAYMENT"

Attachment

"SWIFT COPY FOR ADVANCE PAYMENT.rar"

MD5

16a2e60be265343b6b55e16110d5633f

SHA256

3f9eb1d67f5f85ad76dc28a3fa3112459d7bb614ff177cbd178ee1035649da15

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(3)

 

Sender ip

103.133.106.100

From

"Sofien Ben Jemaa<info@probona.com.tr>"

Subject

"Original Documents"

Attachment

"Invoice_20210204.zip"

MD5

a3aadc97039f85f40f8fef2522d23116

SHA256

60c51de032d9f139ccd9f4dcbbd88f4e3911ac496042fad636c1361daaf71a48

Family

SnakeKeylogger

 


(4)

 

Sender ip

103.133.106.100

From

"Sofien Ben Jemaa<info@probona.com.tr>"

Subject

"Original Documents"

Attachment

"BL.zip"

MD5

6487f113dda7b69b9404d218d525fbf2

SHA256

73f765a9c4713b8047fe5f71e0bd38426f230df062b6e291990dffe6e0836ba8

Family

AgentTesla

 

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(5)

Sender ip

103.139.44.91

From

"Wang Fang <boris.zhang@sailuntire.com>"

Subject

"NEW ORDER #745332"

Attachment

"NEW ORDER #745332.rar"

MD5

b1b481f73161a2306815df887dc32f03

SHA256

8bf61f9efba8f27282e3bb4d0e3661260ce5c265c27630878b64aa138a1adc68

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(6)

Sender ip

103.139.44.91

From

"Suzy (Borgers-Tuopu)"<suzy@borgers-tuopu.com>"

Subject

"RE: AW: Ningbo New Order TP-20210345002"

Attachment

"NINGBO-ORDER TP-20210345002.wim.001"

MD5

131639bf3ca42f4fdd8d9a97cfde11e0

SHA256

97e2aef18478986c555089e29a6ef38ac5dfe4109d996e7ca0abaa231535a8a7

Family

Unknown


(7)

Sender ip

45.137.22.149

From

"info@dijlashipping.com"

Subject

"RE: SHIPPING DOCUMENT & PACKING LIST"

Attachment

"PMSHIPPING DOCUMENT & PL.r00"

MD5

8f1d3b0ef919775f563e4c6fe4cc2f91

SHA256

3f21c1dadbb99df098bc46b886abcd6d8e9d4093e9283f6bf9de185a2446dddf

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla..


If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥  
YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA

Comments

Post a Comment

Popular posts from this blog

Phishing Attacks 23_4_2022

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course   (1) Sender ip 180.214.238.82 From "Dang Thi Thu Hien<hiendang@panpacific.co.kr>" Subject "RE: [SSC CS] F22 03/09 Buy Shipping request_04062022" Attachment "SEALOGISTICS DEBIT NOTE.zip" MD5 add8e964a595d7af30f02783943c3a00 SHA256 24f6485539bc5d700d17ec8d629827ea80dfae2eb2189e872f4b8ae0e7f1d66f Family AgentTesla   If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .         (2) Sender ip 138.197.200.182 From "Nguyen Thi Quy <nguyen@47.fximnii.sbs>" Subject "RE: Purchase Inquiry: KPC/PU-231(MECH...
Read more

Phishing Attacks 3_3_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 45.137.22.124 From "Cheng Yong"<rosa@franball.net>" Subject "RV: Shipping advice - 2nd container under ct.876" Attachment "SHIPPING ADVICE#202203.zip" MD5 aa2d18552a8d5041e4c757cee09f2c4d SHA256 0628b564bad3c4e59644e91398899f88143aa2eb3473e720270fb1566c628d60 Family AgentTesla If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .       (2) Sender ip 2.56.56.35 From "contato@vastoverde.com.br" Subject "fwd :Outstanding Remittance payment" Attachment "receipt_pdf.z" ...
Read more

Phishing Attacks 15_12_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 37.0.10.173 From "Mona Bharti <m.bhart@frigel.com>" Subject "Purchase Order 1212200205_PR21220055" Attachment "Purchase Order 1212200205_PR21220055.zip" MD5 5e1c9b4e130a7a9bb68ed6e6f414ff20 SHA256 0ba7a7c7189d5bcd38048ba7418ff521d6a00ab36804b8980c4d51ba43fcf070 Family AgentTesla If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .          (2) Sender ip 45.137.22.181 From "ajay.katoch@unilever.com" Subject "RE: invoice & packing list for shipping order no. 411301" Attachment ...
Read more