Phishing Attacks 30_6

Phishing Attacks 30_6_2021

June 30, 2021

(1)

Sender ip	81.31.197.53
From	"VIVO <contadigital@vivo.com.br>"
Subject	"A Conta Digital Vivo chegou"
Attachment	"fatura_vivo_01072021.zip"
MD5	aef5024a83edc00e6540c720d061d4a9
SHA256	451b4fb4bbd1132305a70846d178321c1cdf291d51c51974ff5beb98674e14ba
Family	Unknown

(2)

Sender ip	45.137.22.110
From	"info@dijlashipping.com"
Subject	"RE: SHIPPING DOCUMENT & PACKING LIST"
Attachment	"DOC.zip"
MD5	a951a2a98623826a7f0734652a52ec6d
SHA256	794a518c2857ed2106f0ee8d409c8dc9e0b358df749e6f693ee2a7ba5150b084
Family	Unknown

(3)

Sender ip	213.246.110.56
From	"Tender Iraq 07 (IRQ/PCSB)" <tender.iraq07@petronas.com.my>"
Subject	"RFQ/PCIHBV/2021/MRP/2711/ PROVISION OF SUPPLY AND DELIVERY OF MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V."
Attachment	"PETRONAS RFQPCIHBV2021MRP2711.TAR"
MD5	4240db0af6ad10bcb1c5d9eea2008dda
SHA256	6014a249398a77294a8e0533975dad4bc14e3e85c99f706dd768dcd877c11410
Family	SnakeKeylogger

(4)

Sender ip	213.246.110.56
From	"Tender Iraq 07 (IRQ/PCSB)" <tender.iraq07@petronas.com.my>"
Subject	"RFQ/PCIHBV/2021/MRP/2711/ PROVISION OF SUPPLY AND DELIVERY OF MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V."
Attachment	"MECHANICAL SPARE PARTS FOR PETRONAS CARIGALI IRAQ HOLDING B.V.TAR"
MD5	21d41eda5fb0d8a00f9e58203801316a
SHA256	43999a31cf39af3b63ad19da61ab8d5828a86ee4ea0cd77d49143427d1bd0cca
Family	SnakeKeylogger

(5)

Sender ip	193.142.59.37
From	"Info <willkommen@vendor.de>"
Subject	"invoice & kgs #5375"
Attachment	"Invoice.doc"
MD5	8878f2a3a7a71b648afca597c3d907c6
SHA256	14813f2f1c5a3dc1eb83a867d1a1537c38061af136c0d54e8ec0707f103b29e6
Family	Unknown

(6)

Sender ip	45.137.22.110
From	"sales@mecord.com"
Subject	"RE: PAYMENT COPY MT103"
Attachment	"payment copy.r00"
MD5	7b28895fe4c010db8d8e0b36db3bda77
SHA256	99b99539800b783d66b35c5e977816a6541c03dd1b683f14a998cf840ba39171
Family	AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.

(7)

Sender ip	185.222.58.104
From	"Elena Borovik <mailto:e.borovik@btsgroup.by>"
Subject	"Please send us your quotation for BK Vision"
Attachment	"nwhgu8941.lzh"
MD5	bf778b5aa367352b64544506c785037c
SHA256	964627926c709efa2260eb2d141b2afd7bdd2e73acdc0adf38d99e44865e7f17
Family	Unknown

(8)

Sender ip	103.114.106.156
From	"Yan Lidong" <service@ngccoin.hk>"
Subject	"=?UTF-8?B?562U5aSNOiBEb3duIHBheW1lbnQ=?="
Attachment	"swift transfer_copy.pdf.rar"
MD5	5140f9f0a829e10592e1d6867d5bb5b1
SHA256	f58908fe6ee795a218f978f8c7d01433f5189f523625c3327fa5ae3d520bd442
Family	AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.

(9)

Sender ip	185.222.58.104
From	"Laurent YAO <laurentyao@liedsgroup.com>"
Subject	"Please send us your quotation for BK Vision"
Attachment	"quotation (2).lzh"
MD5	5fd9592605456a3a9336187df19d3d05
SHA256	5e5537e2c5ca877e3a7bb6cefb0258ded276d88a4b15d806e4a64cdeb0a44c9d
Family	Unknown

If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥

YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA

Search This Blog

Malwares

Phishing Attacks 30_6_2021

Comments

Post a Comment

Popular posts from this blog

Phishing Attacks 23_4_2022

Phishing Attacks 3_3_2021

Phishing Attacks 15_12_2021