Phishing Attacks 20_6_2021

 



(1)

Sender ip

199.10.31.238

From

"Cellule de Communication Institutionnelle et des Relations Publiques <ccirp@camtel.cm>"

Subject

"FORM C-06192021 JUN19 2021"

Attachment

"FORM C-06192021.ISO"

MD5

59581ee9a2cb18982b8513df1669b049

SHA256

7049b87105bf668fa5eb1eaaa0000b7957fd939752841504aed80ce9ab1a4324

Family

Formbook

 


(2)

Sender ip

45.137.22.68

From

"Jason Zhou <accounts@en.sinosteel.com>"

Subject

"Re: Payment Advice For Overdue Invoice"

Attachment

"Invoice_V088002904.pdf.zip"

MD5

bc8b9b2748023a7d9771166b44682f55

SHA256

66b205af669c52d6e7c299c72a977306cf18b4c78fa4dab131f8ecf1ff63cceb

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(3)

 

Sender ip

103.133.109.136

From

"SHENZHEN<account02_hengtai@int-freight.com>"

Subject

"RE:statement of account"

Attachment

"SOA.zip"

MD5

ecd8d65b2c179d5758630b98a33c9f5b

SHA256

adb743be8a3f4826f9eed075fee98c8bea68f5d0de9665a359b4b41d0f2be77c

Family

AgentTesla



(4)

 

Sender ip

89.22.105.49

From

" Cherry Liu "<sales.manager@ptroil.com>"

Subject

"***UNCHECKED*** RE:SWIFT COPY"

Attachment

"proforma invoice.rar"

MD5

8fffd49119b38b198dc10c61b1898fd6

SHA256

5420ffaef9034b1d9bb820330d85916e8c4dc3b9a897e36bec495ae61a2f313b

Family

AgentTesla


(5)

Sender ip

103.133.109.136

From

"Firemax<sokheng@firemaxcambodia.com>"

Subject

"RE: Purchase Order"

Attachment

"P.O.zip"

MD5

92294b3a668421e12be132a0cffecb38

SHA256

fce77814390e177d223581c79bfc80a811c82118c6112276c76749e8b23446f7

Family

AgentTesla


(6)

Sender ip

103.155.80.187

From

"Mohamed Yusuf" <aqt@alqubbatrd.com>"

Subject

"Re: P.O ENQ/AQT/39023/02/21"

Attachment

"P.O ENQ_AQT.rar"

MD5

34a35e4ea7a06f91b021507de9154324

SHA256

6ba520ec7f950e75ee503a3d1e11f0b96d005324c3a93a8b0fd7d32e54b4b4d4

Family

AgentTesla


(7)

Sender ip

103.155.80.187

From

"Heine" <heine@tiongliong.com>"

Subject

"RE: Pl 100256"

Attachment

"Pl.rar"

MD5

7a931093ffc627464c9694cdb3523440

SHA256

c6714fbd60738fd5358cdb3b171d401826e3e4a30aec30427844b33324b16ea8

Family

AgentTesla


(8)

Sender ip

165.232.155.62

From

"Daniel Tello <danieltello@cclospuentes.com>"

Subject

"Factura 1269"

Attachment

"Factura 160621.zip"

MD5

5ec7dcfb4d76a533132dda8fec45e336

SHA256

d230b15bd179e180c76d406f76b5e48e5b6e5e090631ff179e2434de73d013a7

Family

CoinMiner


(9)

Sender ip

103.155.80.187

From

"Heine" <heine@tiongliong.com>"

Subject

"=?UTF-8?B?UkU6IOuMgOufiSDso7zrrLggU09B?="

Attachment

"statement of account.rar"

MD5

3a7d686964efa53c9c71f20626776e0e

SHA256

6dd7506b228e1821ffa012f2fa39d1cd30b781e42f7caaf2b783a96d4fbdb40f

Family

AgentTesla


(10)

Sender ip

209.127.189.42

From

"marketing@tecpesa.com"

Subject

"=?UTF-8?B?5Y+R56Wo5pSv5LuY?="

Attachment

"TT PROOF.rar"

MD5

ed7057fc80d4e1b4617bf2e05ca94e01

SHA256

e90f0e9b60e058eb358b771eb8acd21b2658cf0dec0df08ebc026076c4575336

Family

AgentTesla


(11)

Sender ip

185.222.58.149

From

"=?UTF-8?B?TXIuIFR1ZG9yIFBvcGVzY3XCoA==?=<sales@compact-industrial.ro>"

Subject

"Re: Confirm New List Of Products Q002-O417729"

Attachment

"List Of Products Q002-O417729.zip"

MD5

429d6f90b18ada8c4bbb660653a804a2

SHA256

fe7d362e89870156f5e144d9745370e4c5387107586ff42bad2b2f3598a0b8e3

Family

AgentTesla


(12)

Sender ip

185.222.58.149

From

"Ben"<redessociales@acciona.com>"

Subject

"RE: URGENT REQUEST FOR QUOTATION AND PROFORMA INVOICE"

Attachment

"LIST OF PRODUCTS NEEDED.zip"

MD5

39e1e3b730f5f31568458237f846feba

SHA256

83ce1019727fc42f20e43f7764579f752cea5b74ddd42c04d4b3f8f5648fff8c

Family

AgentTesla


(13)

Sender ip

164.90.136.114

From

"=?UTF-8?B?REhMIEVYUFJFU1MgSU5Dwq4=?= <support@225.mxvmno.ml>"

Subject

"CONSIGNMENT NOTIFICATION: You Have A Package With Us:"

Attachment

"DHL Original Invoice_pdf.rar"

MD5

59cd5ccff664f2ff69cf39397f5c3bc7

SHA256

f05b68abdacfb73f82c36202e7ac88fa9a1d6d20716543692b840222b7a3fef3

Family

SnakeKeylogger


(14)

Sender ip

107.173.62.176

From

"[FedEx] <FedEx-Kul-Import@fedex.com>"

Subject

"FedEx 17062021 - Information is required"

Attachment

"FedEx doc 17062021.rar"

MD5

6ce3a5242c1f4339cc3a1d1d6b060a6f

SHA256

feeeed09f9aa0a1321036701eedb7706f70f11fa9cbd9dcc4de7f669c27767d6

Family

Formbook


(15)

Sender ip

45.137.22.36

From

"<accounts@ssipblr.com>"

Subject

"Fwd: New Order!!!!"

Attachment

"70654 SSEBACT.zip"

MD5

b124c45c175e8015a9bf7519106c4bce

SHA256

d533c81dc1cc2768b40d984c8af2f07d62f3beb3bf59bd456d73f10911facc6a

Family

AgentTesla


(16)

Sender ip

84.38.130.222

From

"Scotsman Guide <Originator@scotsmanguide.com>"

Subject

"Re: Arrange Charges In The File"

Attachment

"Arrange Charge.r00"

MD5

e31312c6e1e07113ec617791060f2f20

SHA256

97f0dc5d6cccc16d4e147799580d302b3c2236433f3973451b31f8d8139a0bba

Family

AgentTesla



If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA


