Phishing Attacks 8_6_2021
(1)
Sender ip |
81.1.11.121 |
From |
"Contabilidad Aux" |
Subject |
"Outstanding Payment" |
Attachment |
"Outstanding Payments.img" |
MD5 |
5083b82aadd8093824ffb240ad814553 |
SHA256 |
ba966be275e4b3473d0fb947fe795f1e7a80ba7ad13b10f6bf5f48872c3b7920 |
Family |
Loki |
(2)
Sender ip |
45.137.22.37 |
From |
155.94.136.153 |
Subject |
"BQ/2021/PROC/MB-06-07" |
Attachment |
"quote_06-07.zip" |
MD5 |
5b1aad08ce2c6b664b5ed0a76abd1e0f |
SHA256 |
32d624a2598e72f5120887240867fd6f35faa7e8ed04adb232c37a0ca0498650 |
Family |
AgentTesla |
(3)
Sender ip |
193.201.172.120 |
From |
"DHL Express Delivery Services" <leni.hr@mail.bg>" |
Subject |
"Your package has been returned to the sender." |
Attachment |
"PcLjY.xlsm" |
MD5 |
147418dcb1b8dfd98570cca5ba60b0c8 |
SHA256 |
943e042a068c9c079f94ba50ed5e769ff959f79cbcf6dea8d9b09f0a388a0d28 |
Family |
Unknown |
(4)
Sender ip |
64.44.139.163 |
From |
"FORTUNE STAR SHIPPING PTE LTD<ops@pgshpg.com>" |
Subject |
"MV XIN HAI TONG23 - AGENT NOMINATION / PDA REQUEST" |
Attachment |
"MASTER CONTACT DETAILS.rar" |
MD5 |
97ee77d34e27fc891934d0ceda085a29 |
SHA256 |
9b535df4412e9df0e5e9b1a76f64a2f977ec3ab8a59abcc77dbd95e562012992 |
Family |
AgentTesla |
(5)
Sender ip |
185.222.58.158 |
From |
"TNT EXPRESS INC <service@tnt.com>" |
Subject |
"RE:**TOP URGENT** Consignment Notification: You have A Package With Us" |
Attachment |
"Consignment Document.pdf.rar" |
MD5 |
96aca8bae54d2bebff8672a396e25b60 |
SHA256 |
216db56b88f1aa79e283a6d94ab8279464eb2d1646952bfce59051c57028f925 |
Family |
AgentTesla |
(6)
Sender ip |
103.232.53.200 |
From |
"Sales Department <sales.austria@aafeurope.com>" |
Subject |
"RFQ: Pattern quotation 5638044" |
Attachment |
"387-3703_drw - PRODUCTION-pdf.gz" |
MD5 |
cf8c70f20e71f91389ab45d46a7fc576 |
SHA256 |
b4bdffe4d750442723727823a4efd9e0c9f048dde37c127d144e33de96c6af7b |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(7)
Sender ip |
185.222.58.149 |
From |
"Katrina Payne<katrina.gaspar@magna.com>" |
Subject |
"RE:REMITTANCE ADVICE (Balance Payment_Y/ref Invoice No. 309320_ EK (URGENT!)" |
Attachment |
"Invoice No. 309320.zip" |
MD5 |
f6caf58b4b4df91e45db5f938cb96573 |
SHA256 |
2d2c4e635a371703010f38a45110fb8b52fe50eb02d9469f8dac7686e7b2feb8 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(8)
Sender ip |
185.25.20.204 |
From |
"info@fashionfurs.gr" |
Subject |
"Re: Purchase Order Confirmation" |
Attachment |
"Purchase Order(1).zip" |
MD5 |
9d62a1d2e21498afe9032e6cb2cb4c8c |
SHA256 |
4ba2e9dac0846744d8dd87a996f08d7c2c98fca542a9d309a2b3d0feceb5f1c1 |
Family |
NanoCore |
If you want to know how to analyze NanoCore malware, you can check my analysis on YouTube: NanoCore.
(9)
Sender ip |
142.93.99.134 |
From |
"Mazen Jaber <info@server-celebrate.xyz>" |
Subject |
"Urgent!!! Our Payment (39.750,00 USD)" |
Attachment |
"Bank TT Copy.iso" |
MD5 |
e606dc50102a6aab21586c81682b5c2d |
SHA256 |
034f770796527674a91815023e4bf24699a8ca31efe6a2349188af32e6e67060 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(10)
Sender ip |
172.106.111.237 |
From |
"berk@deniztekstilgrup.com" |
Subject |
"Price Inquiry For New Order" |
Attachment |
"HTG-85709411.zip" |
MD5 |
ec6176b63930d4cabb830b0fed756a27 |
SHA256 |
f1cf481293021853559f52a79686ed190b1defbae9dbd49a77cbef05b49cb434 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(11)
Sender ip |
185.222.58.149 |
From |
"baylee.zhan<LVERMERSCH@dekeirel.com>" |
Subject |
"=?UTF-8?B?UkU6IEFTUMSwTMSwQyAtIExJTkNPIFNQQVJFIFBBUlRTIE9GRkVSIC0gQVdBIFRvcmJlbiBBLiAtIDIwMDc3MTYy?=" |
Attachment |
"QUOTATION.zip" |
MD5 |
6fd8ca7a49c30003d79cc51ad810bd83 |
SHA256 |
3b0be818ec1f4cc95a228e8d4104a0e957680931647d2a0255f1b67f7be29118 |
Family |
Unknown |
(12)
Sender ip |
185.222.58.149 |
From |
"dtaylor"<dtaylor@guardiantransfer.com>" |
Subject |
"RE: SOA" |
Attachment |
"SOA.rar.zip" |
MD5 |
5c09a4eb1d7526b739046c08989be4c4 |
SHA256 |
750ef49a08599d7405e81b958fbe7ab6c1f5df0481a5109e6992b533fe93b1c0 |
Family |
AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(13)
Sender ip |
103.232.53.200 |
From |
"Accounts Payables" <sales.mitsubishi@leongroup.com.np>" |
Subject |
"Aw: Purchase Order 5638044" |
Attachment |
"PO210530_332641-pdf.gz" |
MD5 |
b3582752b61544543d331f8303b21983 |
SHA256 |
b9a309747689d681c054b500e7a75ee5080daae1795dedd7bdeb58968d37c42f |
Family |
Unknown |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA