Phishing Attacks 23_6_2021
(1)
| Sender ip | 185.222.57.244 | 
| From  | "AGRI GLOBAL SHIPPING" <office@act-me.com>" | 
| Subject | "DRAFT BL - SC 095 MAHARASHTRA 5 FCL SOYA MALAWI-------------------B LOT" | 
| Attachment | "BL COPY.r15" | 
| MD5 | c1c49d2f27522f816b24edf611fd380e | 
| SHA256 | d1a382b7cea7a55447ebfb9316c84bb8556701f87bce02bfe2cbf75c87d30501 | 
| Family  | AgentTesla | 
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(2)
| Sender ip | 103.140.250.188 | 
| From  | "Amy Wang <amy.wang@leman.com>" | 
| Subject | "Re: Bill Of Lading" | 
| Attachment | "Bill Of Lading.r00" | 
| MD5 | 1ed3907c56d4b9c1e4636ceca70507b4 | 
| SHA256 | 541fb86c9a0a8f5862c0d30609ce3feb40b47c39efc673ceae26489fe7b678af | 
| Family  | AgentTesla | 
(3)
| Sender ip | 185.222.57.184 | 
| From  | "Tomas Bosek" <EXPRESS_ADG@ismarine.com.tr>" | 
| Subject | "urs.lustenberger@lgpartner.ch RE: 1000199215 RFQ: 978 PO# 4500101880 For June Order Supply and Delivery" | 
| Attachment | "RFQ 978 PO# 4500101880 For June Order Supply and Delivery.exe.xz" | 
| MD5 | e1a6e0cd815c6b0a137d59cab4778563 | 
| SHA256 | 5c8e707f97527fe72d69bc3bcde843a12ed7d2496c2951cf3fcaef9746027c01 | 
| Family  | AgentTesla | 
(4)
| Sender ip | 185.222.57.171 | 
| From  | "noreply@swipewalletph.com" | 
| Subject | "Minutes of Meeting 06/21/2021" | 
| Attachment | "Minutes of Meeting 06.21.2021.r00" | 
| MD5 | 6359928b0db9c3986524b32d065a6ca7 | 
| SHA256 | c3773b3eec40de054099cab333c06b4502b9343aae95ee7d3120d42fb12bfd46 | 
| Family  | SnakeKeylogger | 
(5)
| Sender ip | 45.137.22.88 | 
| From  | "Lisa<lzy-lisa@xwd.com>" | 
| Subject | "Peanut Contract LZY-2021L0609" | 
| Attachment | "LZY 2021070 PI.zip" | 
| MD5 | 6a504bb3c2699ddaf7fe5389adcf5836 | 
| SHA256 | a46b0e2949b1e018750f6e45d4eb72db77af1ffe082d5a5e3497ee96e2f0bfb1 | 
| Family  | AgentTesla | 
(6)
| Sender ip | 103.155.80.129 | 
| From  | "FedEx Service<petrosmav@sanu.ac.sz>" | 
| Subject | "FEDEX EXPRESS TRACKING - COURIER DELIVERY" | 
| Attachment | "AWB.632664757474.pdf.r01" | 
| MD5 | 4ecb62cd1935d6b1e0b22c30fc5d869d | 
| SHA256 | 60583d3561c41aa89536f5daeb16342c7ef178760ae6ea34e2d5be71dda39ca0 | 
| Family  | AgentTesla | 
(7)
| Sender ip | 103.155.80.129 | 
| From  | "FedEx Service<petrosmav@sanu.ac.sz>" | 
| Subject | "FEDEX EXPRESS TRACKING - COURIER DELIVERY" | 
| Attachment | "FEDEX EXPRESS TRACKING - COURIER DELIVERY.tar" | 
| MD5 | e483189544ee75174e50abfe0e557408 | 
| SHA256 | 8c6e39d1d305a32fbbf7635ebda06e31d60f72ec5cc8ea9a05303f752a330890 | 
| Family  | AgentTesla | 
(8)
| Sender ip | 136.144.41.208 | 
| From  | "DIABOS<diabos@diabos.biz>" | 
| Subject | "M/V Agency Appointment from CARGILL " | 
| Attachment | "vessel details.rar" | 
| MD5 | c8869e83248c4eb6f2717dc9e4e8d060 | 
| SHA256 | 1e0a43c1a7bc122264947b87bf12f3709074b7341a8c0da298be087c8262ca4d | 
| Family  | AgentTesla | 
(9)
| Sender ip | 185.222.58.149 | 
| From  | "Fatemeh Mahini"<munir@akkatoglu.com>" | 
| Subject | "Re: Request for Quotation - Urgent 6/15/2021" | 
| Attachment | "scan11062020.zip" | 
| MD5 | 8b1c48a5ec83f63055ba93901b691b7f | 
| SHA256 | 86a10f289353761415b6385721acc7cf0f51186dbacaa66d56dbb0a4b9ab8eb9 | 
| Family  | Unknown | 
(10)
| Sender ip | 147.124.211.69 | 
| From  | "<dberkowitz@madisoncap.com>" | 
| Subject | "po" | 
| Attachment | "po6446.z" | 
| MD5 | de7c3e3e1c170407ef8072068c8a0e54 | 
| SHA256 | 73ad2fabb61ba1561b0697236168284f30128d90ce6b63300fdf44766711c0bc | 
| Family  | AgentTesla | 
(11)
| Sender ip | 185.222.57.200 | 
| From  | "Renuka "<renuka@vrlogistic.com" | 
| Subject | "Quotation/ENQUIRY" | 
| Attachment | "quotation.r15" | 
| MD5 | bfc9fe70acd1cf755019a2b639129290 | 
| SHA256 | 26a05ed93c0b2379a682345862c3043bf6881542cc5c595e6e07f2fd4b0c76a9 | 
| Family  | AgentTesla | 
(12)
| Sender ip | 185.222.58.158 | 
| From  | "sales3@cvshvac.com" | 
| Subject | "RE:Bank Slip and our New P.O copy." | 
| Attachment | "Bank Slip and our New P.O copy.pdf.ace" | 
| MD5 | e0351d08599af5814e01bb0e4202b7af | 
| SHA256 | cde67de6413f17681bbfe1dbda1b1b38ef75bf1f6d577768ba2b37da26a88012 | 
| Family  | AgentTesla | 
(13)
| Sender ip | 185.222.58.158 | 
| From  | "RACQ Accounts Payable <Accounts.Payable@racq.com.au>" | 
| Subject | "RE:Remittance Advice" | 
| Attachment | "Remittance Advice.pdf.ace" | 
| MD5 | de4980314359c573f94093728fe8081a | 
| SHA256 | 7ec714951eee55a919d56ce2f60d3fddbd8cfef180c36e00099eb9e482d81ce0 | 
| Family  | AgentTesla | 
(14)
| Sender ip | 45.137.22.110 | 
| From  | "suresh.behra@panchmahalunion.coop" | 
| Subject | "RE: Balanced Payment" | 
| Attachment | "Swift Copy.r00" | 
| MD5 | 7afbd6def45495c5e2d8ee4720fa1101 | 
| SHA256 | 7aa90af95268711f8746abc758cd36738548cf3f32b02a781a2e27cdc40d740f | 
| Family  | AgentTesla | 
(15)
| Sender ip | 77.223.134.73 | 
| From  | "Sedin Ikanovic <si@adri.ch>" | 
| Subject | "OPH21-000080" | 
| Attachment | "OPH21-000080.rar" | 
| MD5 | 194aeba956941a08ef8a8c032dbf7c18 | 
| SHA256 | 04fe8e286ab7312c505c6824379325d7d614e2a62117562a01de7610b5bd275b | 
| Family  | AgentTesla | 
(16)
| Sender ip | 103.155.80.129 | 
| From  | "admin<kirit@dhiyahilal.com>" | 
| Subject | "payment confirmation" | 
| Attachment | "payment_advice.ace" | 
| MD5 | 7aa82e2758014c7a953f847173d93fd1 | 
| SHA256 | 57ce5246739dbf62b4de4f81be0f6e9cde7767e69a6d1fcbe38385477907843d | 
| Family  | AgentTesla | 
(17)
| Sender ip | 103.153.183.109 | 
| From  | "Elie Abdel Ahad <sales@iran-bitumen.com>" | 
| Subject | "Re: Re: PI" | 
| Attachment | "Proforma Inv001.pdf.z" | 
| MD5 | 2b45bf4ad2fa0d2992eebd438d7f5358 | 
| SHA256 | 9242100a4dfc12af9e7a2bac40bfbcea71dd97a52910145e03a6aac5f984f6a0 | 
| Family  | Loki | 
(18)
| Sender ip | 103.153.183.109 | 
| From  | "Sanseverino Gabriele <G.Sanseverino@galileotp.com>" | 
| Subject | "Re: NEW REQUIREMENT" | 
| Attachment | "MT Price Quotation.PDF.z" | 
| MD5 | c809b578c9eef0ec1a1b4c2b4e8f5d73 | 
| SHA256 | 3dbd2b3c9948fddcf37dbddb6f982b3b178e084a3f61216b1e4d79f6d14f2fc1 | 
| Family  | Unknown | 
(19)
| Sender ip | 185.222.57.200 | 
| From  | "kiran" <accounts@vrlogistic.com>" | 
| Subject | "RE: PAYMENT INSTRUCTIONS" | 
| Attachment | "Bank details.r00" | 
| MD5 | 408b2d79e3759520eac8c984ed146069 | 
| SHA256 | 62a0f9ac921ad22c71ce9cb922c860680a358a08370283bdbefda319fb0c7aa0 | 
| Family  | Unknown | 
(19)
| Sender ip | 185.222.58.158 | 
| From  | "RACQ Accounts Payable <Accounts.Payable@racq.com.au>" | 
| Subject | "RE:Remittance Advice" | 
| Attachment | "Remittance Advice.pdf (2).ace" | 
| MD5 | 9ae8cc65582c0ed19f7397d15c423f83 | 
| SHA256 | 1708f19df810b86f030519cdd711889fbf711eb90d441451529a27d7996d53ec | 
| Family  | AgentTesla | 
(20)
| Sender ip | 45.137.22.110 | 
| From  | "suresh.behra@panchmahalunion.coop" | 
| Subject | "RE: Balanced Payment" | 
| Attachment | "Swift Copy.zip" | 
| MD5 | ee1a02f41b9d469da42fb77ffa89bd63 | 
| SHA256 | 3ab01a88c4c00fe682f2aad2b9ff94d4e75ff64b0b8ed1a9acd1d0e3355a67c4 | 
| Family  | Unknown | 
(20)
| Sender ip | 143.110.215.57 | 
| From  | "HSBC <payment-advice@hsbc.com>" | 
| Subject | "Payment Advice- Ref:[HSBC99002992]" | 
| Attachment | "Scan Copy_pdf.gz" | 
| MD5 | a22762ab097f043b49576dcd32db22c0 | 
| SHA256 | c9ad6aeba22530d244008aa13366de1bd3a609cf724d70e4af8d0f38378f65e6 | 
| Family  | AgentTesla | 
(21)
| Sender ip | 103.155.80.129 | 
| From  | "FedEx Service<petrosmav@sanu.ac.sz>" | 
| Subject | "FEDEX EXPRESS TRACKING - COURIER DELIVERY" | 
| Attachment | "FEDEX EXPRESS TRACKING - COURIER DELIVERY.ace" | 
| MD5 | d716c84e6aa932a3dea8ee84979c5520 | 
| SHA256 | 741047febdb278ef153fcb974da35338a57d44d273fdb7ba2b7415ede290bd42 | 
| Family  | Unknown | 
(22)
| Sender ip | 185.222.57.171 | 
| From  | "Haseeb Soleja <haseeb@newras.com>" | 
| Subject | "DIB REQ # 117305" | 
| Attachment | "DIB-117305 Product Brand.pdf.7z" | 
| MD5 | 97bfe15bf911cb2e543378087bf69d86 | 
| SHA256 | f67a879b6fa2a620efb2554ad9f0c2a5a5043b905ed7ec9b0172db1f808adfee | 
| Family  | Unknown | 
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
 