Phishing Attacks 3_6_2021
(1)
|
Sender ip |
185.222.58.149 |
|
From |
"Wu
Xueming"<accountsknp@taborfreight.com>" |
|
Subject |
"FW: SOA Review Done : Inter Bank
Transfer(IBG) URGENT" |
|
Attachment |
"Bank swift.zip" |
|
MD5 |
eaf4bec0c1103fa6f87aaddbaa631454 |
|
SHA256 |
7bc8e9198c499b6c48d39e99734d3c9081d0eae625f5ac9a2ca4f571946a1501 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(2)
|
Sender ip |
45.137.22.149 |
|
From |
"M.Hilpert@serafimaint.com" |
|
Subject |
"RE:Reconfirm Bank Details" |
|
Attachment |
"Bank Details.r00" |
|
MD5 |
21ab3f0250d6a797fae7f179e428c539 |
|
SHA256 |
b0fb5eb8dad64e67ded64e20c20075ad3198295ded5646c9cff81cdcb527f6b5 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(3)
|
Sender ip |
103.155.80.187 |
|
From |
"karen marshall"
<karen.marshall@olympus.co.uk>" |
|
Subject |
"Fwd: Quotations New Order" |
|
Attachment |
"new order.rar" |
|
MD5 |
c2551fe8efe908d1ebcea82607408aef |
|
SHA256 |
fd80bdd9cb1cb0f140ce78a39a8c73087f27c85322ca17ed66a39026ac09c151 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(4)
|
Sender ip |
103.155.80.187 |
|
From |
"Sales Manager"
<sales@htglover.com>" |
|
Subject |
"RE: STATEMENT OF ACCOUNT" |
|
Attachment |
"outstanding invoices.rar" |
|
MD5 |
c745accf0132345f01aac2323bb345fe |
|
SHA256 |
5b9d8a84ee305113d9915edb5c6adf6182894fefa40e046b536971083064b5fd |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(5)
|
Sender ip |
155.94.136.153 |
|
From |
"Mattia
Comelli<mattia.comelli@tekube.com>" |
|
Subject |
"New RFQ Check-up item
CS1528240.2" |
|
Attachment |
"EQ�PC-0029-02.xlsx" |
|
MD5 |
173a76273a1d9617f5b2cde725aa47bf |
|
SHA256 |
60afc72d245d76fae7ff9087aa81f677e03f6517bd69a5e8040e5fee7e1449bf |
|
Family |
Unknown |
(6)
|
Sender ip |
155.94.136.153 |
|
From |
"Mattia
Comelli<mattia.comelli@tekube.com>" |
|
Subject |
"New RFQ Check-up item
CS1528240.2" |
|
Attachment |
"3034501.zip" |
|
MD5 |
2bae8f71a486883503d04c462a6240d2 |
|
SHA256 |
6973dab1da8d0bcb8185df7aa63b8474bc9491f16f7642a347b529789f19d6da |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(7)
|
Sender ip |
195.133.40.234 |
|
From |
"Khamis Salim
<k.salim@oxy.com>" |
|
Subject |
"RFQ-14000135846 NGCP Pipeline
PROJECT TA 725638 DK RH HRDH HEADER PLATFORM " |
|
Attachment |
"RFQ-14000135846_Scanned from a
Xerox multifunction device (2).zip" |
|
MD5 |
92ac9dbc5783ddeab66cff673b4bbae4 |
|
SHA256 |
a70495ddde64524d6c16dca86296d44ea78c15c3ac97609dac318559ee2644de |
|
Family |
Unknown |
(8)
|
Sender ip |
185.121.120.197 |
|
From |
"=?UTF-8?Q?KOLAGOM_K=C4=B0MYASALLAR_SAN=2E_VE_T=C4=B0C=2E_LTD=2E_?= =?UTF-8?Q?=C5=9ET=C4=B0=2E?=
<esraa@kolagom.com>" |
|
Subject |
"New Inquiry" |
|
Attachment |
"Product list.xlsx" |
|
MD5 |
8f310f476d94685424314ab47316f4fe |
|
SHA256 |
d4800340fbd1803a42df8ac5b06b47b8d2cafa64738f02282fe4b32e97fa872b |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(9)
|
Sender ip |
45.137.22.149 |
|
From |
"Natchac@eiamheng.com" |
|
Subject |
"RE:Reconfirm Bank Details" |
|
Attachment |
"Bank Details.ARJ" |
|
MD5 |
998aa8498fe9c96865842d82fc1b680f |
|
SHA256 |
e9b4cb23f9e8a68d296ba0f51cbfd513f7e621e0461e560f1cb910b38d172244 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(10)
|
Sender ip |
185.222.57.200 |
|
From |
"purchase"<purchase.r40@sanjivani.co.in>" |
|
Subject |
"Order Enquiry No: 3308" |
|
Attachment |
"Inquiry.r15" |
|
MD5 |
365cef6b9f1d3672cf86d043e48845a9 |
|
SHA256 |
9e6994570cedbc6d1bc2b077bda2bdf38c26ab2f2d09ea3797c45d786fd1b2d9 |
|
Family |
SnakeKeylogger |
(11)
|
Sender ip |
185.222.58.153 |
|
From |
"Tina
Donini<tina@stmsaldatura.it>" |
|
Subject |
"PAYMENT COPY" |
|
Attachment |
"Swift-copy.zip" |
|
MD5 |
0dec0263243d7a3b2f69e139f41c455f |
|
SHA256 |
a9c17a18861e01200624ea6c949d9ac252478a80496add163211973f171f807d |
|
Family |
SnakeKeylogger |
(12)
|
Sender ip |
45.95.168.220 |
|
From |
"Shruti"
<n.khalilova@globalinklogistics.com>" |
|
Subject |
"Wire confirmation" |
|
Attachment |
"Wire-Payment.pdf.cab" |
|
MD5 |
f0ab5f07a02cbe6511ae426f9d746563 |
|
SHA256 |
74336b753bee56d595e5420bccaa26e0f124200cb5071e853983118f49009654 |
|
Family |
Formbook |
(13)
|
Sender ip |
103.207.38.69 |
|
From |
"=?UTF-8?B?ICLljb/kupHluoYi?=
<qingyunqing@snsp-tj.com>" |
|
Subject |
"NEW ORDER" |
|
Attachment |
"NEW ORDER.zip" |
|
MD5 |
61357bd29f719f4b7f2a237b42eff70d |
|
SHA256 |
33129214b46df54bc7a37e566e20bcbffc70de1d672a8379c114fb88b6c13c67 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(14)
|
Sender ip |
185.222.58.153 |
|
From |
"Sajeer
Kanniyath<finance.sedra@rotana.com >" |
|
Subject |
"BALANCE COMFIRMATION FOR MAY
2021" |
|
Attachment |
"Invoice-Copy.zip" |
|
MD5 |
49290d6def5f028d43f5b3dfc943a11c |
|
SHA256 |
60c12eb1e87d0fac641179d79c750a8cd46e325a57d7a454d708f95e6d83db54 |
|
Family |
SnakeKeylogger |
(15)
|
Sender ip |
185.222.58.153 |
|
From |
"Sajeer Kanniyath<finance.sedra@rotana.com
>" |
|
Subject |
"BALANCE COMFIRMATION FOR MAY
2021" |
|
Attachment |
"Balance___5132.zip" |
|
MD5 |
7b1af7564887531abe7565e16c909dbb |
|
SHA256 |
c281a7861483a39ff4da8236c5b2a202f88562caa737f4d7060049fd1b5fb980 |
|
Family |
SnakeKeylogger |
(16)
|
Sender ip |
185.222.57.232 |
|
From |
"HSBC Advicing Service"
<sales@derryauto.cn>" |
|
Subject |
"Payment Advice - Advice
Ref:[GB1860369674] / Priority payment / Customer Ref:[0000568988]" |
|
Attachment |
"MT103-06022021987636472-PDF.ARJ" |
|
MD5 |
8246a4b29d8dc66ee42fd1992e93f02e |
|
SHA256 |
6e362240f8c0314c8c10319312b7abe77fd4821f5ace2b8e2837e07c86f3ab75 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Comments
Post a Comment