Phishing Attacks 29_6_2021

 





(1)

Sender ip

193.169.255.220

From

"WHEELS TRADINGS<info@tradewheel.com>"

Subject

"URGENT REQUIREMENT"

Attachment

"RFQ MRG-QTRTQWK_PRTTMMHJBG-GHTTWQ_KRT.ARJ"

MD5

675634ac79ee0ddc5b781ebe5c98da51

SHA256

c2e9085091bab9583f251007823455205cc7613547a77a4e7eb76fec102af79b

Family

AgentTesla

   If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.


(2)

Sender ip

212.60.13.5

From

"BLACN - RTM.CHINAOPS<rtm_chinaops@benline.com>"

Subject

"None"

Attachment

"ITINERARY.rar"

MD5

198f983668b1c95b79a0fe32cac498e1

SHA256

a48a4f23ad1705d46b21354781376254c2bf0dc4f34eb4075bed0e0c8cdb86a5

Family

AgentTesla

  If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.


(3)

 

Sender ip

81.31.197.6

From

"info@gervanne.com"

Subject

"RFQ"

Attachment

"RFQ1.xlsx"

MD5

22600d57c5c9b99fb6e58a8d0b9b4757

SHA256

027ad84058c49bcfc35ef73d675d7813002c74210d28bb970a78e047588f00d0

Family

GuLoader

 


(4)

 

Sender ip

74.201.28.108

From

"=?UTF-8?B?WWXFn2ltIEFLVEHFniBLQVlIQU4=?= <yesim.kayhan@globelink-unimar.com>"

Subject

"Sample Invitation to Bid"

Attachment

"Agreement.zip"

MD5

62daf2901c9f1297ea00ed54439ae584

SHA256

3399d9ffed32e491c929c18b2319a2442738ac44931d44934fc776a50413e907

Family

SnakeKeylogger

 

(5)

Sender ip

74.201.28.108

From

"=?UTF-8?B?WWXFn2ltIEFLVEHFniBLQVlIQU4=?= <yesim.kayhan@globelink-unimar.com>"

Subject

"Sample Invitation to Bid"

Attachment

"Instructions to Bidders.lzh"

MD5

34c7ca58ecd60828eeec4277afcbe468

SHA256

38c8157793f04a945e0b665f3575ab22b6dcaf3a88e305706837298fda5ced84

Family

SnakeKeylogger

 

(6)

Sender ip

93.189.41.161

From

"DHL+ Team <Hayes@mixreports.com>"

Subject

"DocuSign: Equipment #9611"

Attachment

"Agree Status 28.Password cncyafknngalrwti.xlsm"

MD5

790cd237fca814411d8839dadcb655f4

SHA256

9e782d4fc3dc6acd3edff7e7bb0f68a724b1a2b7575fed939640c5855008aae3

Family

Unknown


(7)

Sender ip

45.137.22.126

From

"Selina Shen <contactus@christcenterofhope.org>"

Subject

"RE: Re: purchase order"

Attachment

"PO-HUATON SO- CERAMIC VASE.xlsx"

MD5

aaaa1eefa79498a5f6e5fe8940827962

SHA256

4da7c61ec6eb75209eb168ec610d851389a01c06975a6236de3729328fdcc450

Family

AgentTesla

  If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(8)

Sender ip

213.246.110.56

From

"Ibtissem Belghoul <ibtissembelghoul@saipem.com>"

Subject

"BID No. 2000541001- REQUEST FOR QUOTATION FOR SHORE APPROACH SERVICE & EQUIPMENT-H02768 LTA2-43-BERRI DOWNSTEAM PIPELINE PROJECT"

Attachment

"RFQ BID No. 2000541001.TAR"

MD5

80523096e006a7b36157aa9077910c20

SHA256

501bb7c9b9760e453c509331fd11d554b603a45bf4d4bd760221c69b4a6c0165

Family

SnakeKeylogger


(9)

Sender ip

212.60.13.5

From

"DA Dept.Roxana Shipping<da@roxanashipping.com>"

Subject

"MV ATHIRI VOY 87 WILL CALL AT YOUR PORT ETA ON 26TH oct, 2021, IAGW, WOG FOR DISCHARGINGDEAR ALL"

Attachment

"SHIPS PARTICULAR.rar"

MD5

6346d5d3d92f0755421a9f5c82cc4cde

SHA256

4e683d91b95caa1a673f0bae1f5ec98ca1be42c0d1fb755ef0ccf77487f124b5

Family

AgentTesla


  If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.


If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA





