Phishing Attacks 21_7_2021
If you want to learn how to detect phishing emails by eye, you can check my Udemy course here.
(1)
Sender ip |
185.222.57.75 |
From |
"Abrar Ahamed <abrar.ahamed@proscapeuae.com>" |
Subject |
"RE: Re Supply of Aggregate Sub-base download file and see more." |
Attachment |
"Supply of Aggregate.r00" |
MD5 |
2ecad21fb0ad5ddb2938d7503152a7ad |
SHA256 |
f796a3fb3b89c3361d393605988484621450a0c8a73ff2c7f44ad65d11b56892 |
Family |
AgentTesla |
(2)
Sender ip |
103.139.44.91 |
From |
"info@menbelltda.com" |
Subject |
"RFQ RE: New PO-MPU702734" |
Attachment |
"MPU702734-pdf.gz" |
MD5 |
ad0a8dc9191cebc5364ce7ee9e7b0cac |
SHA256 |
474f8ad5170c4840a256f8c9d43b8e012f380138e2b11e629f6927726e828b91 |
Family |
Unknown |
(3)
Sender ip |
46.183.223.113 |
From |
"Roman Cheremisin <info@artimpexx.kz>" |
Subject |
"NEW PURCHASE ORDER PO2234511" |
Attachment |
"Purchase Order two. doc" |
MD5 |
bdeba8a3ea9e98c5938cb8d611f607d3 |
SHA256 |
2e174386633828e5b4c6628c7957dc843ade571ac5644f27924459a76748c706 |
Family |
Unknown |
(4)
Sender ip |
46.183.223.113 |
From |
"Roman Cheremisin <info@artimpexx.kz>" |
Subject |
"NEW PURCHASE ORDER PO2234511" |
Attachment |
"Purchase Order Three .doc" |
MD5 |
9c641651b430f3250a63877c74d77e7a |
SHA256 |
3c77ba2d84d91215e09d96edf47de3113194ee4154b0e38b9bf5de1d4d44031d |
Family |
Unknown |
(5)
Sender ip |
103.153.79.77 |
From |
"account-HKGROUP <account@hkgroup.vn>" |
Subject |
"FW: DEBIT NOTE/ LOI/ Re[12]: DELAY NOTICE/ BOOKING ZIMUHCM80175843/ HCM-SAVANNAH / LINE ZIM /ETD: 03-JUL" |
Attachment |
"2314.zip" |
MD5 |
dbd20da7212d4b20e9c7173125d2ff9c |
SHA256 |
3ffac520312b87f502950dcd7832db87888555a97e96719746205ebf4acfe438 |
Family |
SnakeKeylogger |
(6)
Sender ip |
38.130.221.187 |
From |
"DAVID WONG <gwrethford@pcog.org>" |
Subject |
"CONFIRMATION ORDER" |
Attachment |
"CONFIRMATION ORDER.zip" |
MD5 |
00c2c49da45965b0e22597e0bd9c3964 |
SHA256 |
6d2acc22440a4f5c15c989e4faa896b92384c6df2eec613ee1c3e66ff449c81e |
Family |
SnakeKeylogger |
(7)
Sender ip |
103.99.3.112 |
From |
"T. Selvam <contracts@ninaindia.com>" |
Subject |
"Re: Purchase Order" |
Attachment |
"Purchase Order.r00" |
MD5 |
51e24302c3525b761872397b55ec653c |
SHA256 |
5dad4092465dce8d51f59b964077033e72024134a2269b929a8002e52bbbb9ad |
Family |
Formbook |
(8)
Sender ip |
165.22.211.218 |
From |
"Bonnie Wu <Account@dta.jo>" |
Subject |
"Payment receipt" |
Attachment |
"Payment Receipt.zip" |
MD5 |
98f96d0a617b4fc387011474681b6d9d |
SHA256 |
791c59d9b13a96c15e17baf22d85ffd8e8f783909c246043ba600f9c5f36181b |
Family |
Formbook |
(9)
Sender ip |
185.222.57.156 |
From |
"Ravi Jaitly <ravijaitly@dcmshriram.com>" |
Subject |
"Purchase Order 4110043899" |
Attachment |
"Released Order.r15" |
MD5 |
5364961cf95f94c23988ec567ca7466a |
SHA256 |
8b82e033dd3ab1e4b2d827e7b5627b4d2a937246e4c53e5400ea94f02f5e82ee |
Family |
Unknown |
(10)
Sender ip |
45.137.22.75 |
From |
"info@cryptovarna.com" |
Subject |
"Re: Invoice Query " |
Attachment |
"PAYMENT COPY.r00" |
MD5 |
68ca906b3a5d37a1eb8dafba33ac3f04 |
SHA256 |
f0212164481dbc5204645f14e6fd604178e2a1bbc7064e021f459b3aa49abacf |
Family |
Unknown |
(11)
Sender ip |
103.139.45.212 |
From |
"Irene Chan <irene.chan@transcargo.com.my>" |
Subject |
"Payment Invoice" |
Attachment |
"Payment_invoice.zip" |
MD5 |
9486933add946e50daa804e8179d77f2 |
SHA256 |
19206641ad6dfe10bc758922d2917b690431b0bc6b7f45a445cdec3b1a7fb7b3 |
Family |
Unknown |
(12)
Sender ip |
149.202.44.208 |
From |
"ANTHONY MACOVICH <info@cbbc.com>" |
Subject |
"Purchase Ordr 112345" |
Attachment |
"order.zip" |
MD5 |
edded1e2382bd3fa5b966f3067690cc1 |
SHA256 |
497b04efe79c9dce8bb75a37d72702eb9b703912994c5351a6792a8c217160c9 |
Family |
NetWire |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA