Phishing Attacks 30_6_2021
(1)
Sender ip |
81.31.197.53 |
From |
"VIVO <contadigital@vivo.com.br>" |
Subject |
"A Conta Digital Vivo chegou" |
Attachment |
"fatura_vivo_01072021.zip" |
MD5 |
aef5024a83edc00e6540c720d061d4a9 |
SHA256 |
451b4fb4bbd1132305a70846d178321c1cdf291d51c51974ff5beb98674e14ba |
Family |
Unknown |
(2)
Sender ip |
45.137.22.110 |
From |
"info@dijlashipping.com" |
Subject |
"RE: SHIPPING DOCUMENT & PACKING LIST" |
Attachment |
"DOC.zip" |
MD5 |
a951a2a98623826a7f0734652a52ec6d |
SHA256 |
794a518c2857ed2106f0ee8d409c8dc9e0b358df749e6f693ee2a7ba5150b084 |
Family |
Unknown |
(3)
Sender ip |
213.246.110.56 |
From |
"Tender Iraq 07 (IRQ/PCSB) <tender.iraq07@petronas.com.my>" |
Subject |
"RFQ/PCIHBV/2021/MRP/2711/ PROVISION OF SUPPLY AND DELIVERY OF MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V." |
Attachment |
"PETRONAS RFQPCIHBV2021MRP2711.TAR" |
MD5 |
4240db0af6ad10bcb1c5d9eea2008dda |
SHA256 |
6014a249398a77294a8e0533975dad4bc14e3e85c99f706dd768dcd877c11410 |
Family |
SnakeKeylogger |
(4)
Sender ip |
213.246.110.56 |
From |
"Tender Iraq 07 (IRQ/PCSB) <tender.iraq07@petronas.com.my>" |
Subject |
"RFQ/PCIHBV/2021/MRP/2711/ PROVISION OF SUPPLY AND DELIVERY OF MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V." |
Attachment |
"MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V.TAR" |
MD5 |
21d41eda5fb0d8a00f9e58203801316a |
SHA256 |
43999a31cf39af3b63ad19da61ab8d5828a86ee4ea0cd77d49143427d1bd0cca |
Family |
SnakeKeylogger |
(5)
Sender ip |
193.142.59.37 |
From |
"Info <willkommen@vendor.de>" |
Subject |
"invoice & kgs #5375" |
Attachment |
"Invoice.doc" |
MD5 |
8878f2a3a7a71b648afca597c3d907c6 |
SHA256 |
14813f2f1c5a3dc1eb83a867d1a1537c38061af136c0d54e8ec0707f103b29e6 |
Family |
Unknown |
(6)
Sender ip |
45.137.22.110 |
From |
"sales@mecord.com" |
Subject |
"RE: PAYMENT COPY MT103" |
Attachment |
"payment copy.r00" |
MD5 |
7b28895fe4c010db8d8e0b36db3bda77 |
SHA256 |
99b99539800b783d66b35c5e977816a6541c03dd1b683f14a998cf840ba39171 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(7)
Sender ip |
185.222.58.104 |
From |
"Elena Borovik <mailto:e.borovik@btsgroup.by>" |
Subject |
"Please send us your quotation for BK Vision" |
Attachment |
"nwhgu8941.lzh" |
MD5 |
bf778b5aa367352b64544506c785037c |
SHA256 |
964627926c709efa2260eb2d141b2afd7bdd2e73acdc0adf38d99e44865e7f17 |
Family |
Unknown |
(8)
Sender ip |
103.114.106.156 |
From |
"Yan Lidong <service@ngccoin.hk>" |
Subject |
"=?UTF-8?B?562U5aSNOiBEb3duIHBheW1lbnQ=?=" |
Attachment |
"swift transfer_copy.pdf.rar" |
MD5 |
5140f9f0a829e10592e1d6867d5bb5b1 |
SHA256 |
f58908fe6ee795a218f978f8c7d01433f5189f523625c3327fa5ae3d520bd442 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(9)
Sender ip |
185.222.58.104 |
From |
"Laurent YAO <laurentyao@liedsgroup.com>" |
Subject |
"Please send us your quotation for BK Vision" |
Attachment |
"quotation (2).lzh" |
MD5 |
5fd9592605456a3a9336187df19d3d05 |
SHA256 |
5e5537e2c5ca877e3a7bb6cefb0258ded276d88a4b15d806e4a64cdeb0a44c9d |
Family |
Unknown |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA