Phishing Attacks 2_7_2021

 




If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here 👇.

My udemy course





(1)

Sender ip

165.227.57.184

From

"Info <chin@shinwhai.com>"

Subject

"Re; Materials quote Purchase Order.#136820254176"

Attachment

"NL PURCHASE ORDER.zip"

MD5

69d628b5257dbea9d516506ae30c8547

SHA256

7a0321ba98c2658818ea4fdbc730942042717acee9bf54c37b0f6980e9e469db

Family

Formbook

 


(2)

Sender ip

165.227.57.184

From

"Info <chin@shinwhai.com>"

Subject

"Re; Materials quote Purchase Order.#136820254176"

Attachment

"NL 2P PURCHASE ORDER.ARJ"

MD5

16e6493f749c66b3d546d0b8aa8ceee6

SHA256

2e2be015ab552c5d15996192a744001e9733e7cd2e4b2925c39188e26e5870d5

Family

Formbook

 

(3)

 

Sender ip

103.114.106.156

From

"Camille Fairouz" <Fairouz.Saleh@nabors.com>"

Subject

"RE: STATEMENT OF ACCOUNT"

Attachment

"SOA.xlsx"

MD5

ac8866044cc591802c362ea0c64b2e67

SHA256

45b88a718ddb3b2fc26604437e848ffde80be232ffc50b8426d93097cb122d88

Family

AgentTesla

   If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.


(4)

 

Sender ip

103.28.13.185

From

"HSBC Advising Service <medisindo@medisindo.co.id>"

Subject

"Payment Advice - Advice Ref:[GLV211429671] / ACH credits / Customer

Ref:[ACHKACH120210215104455BND] / Second Party Ref:"

Attachment

"Payment Advice_pdf.gz"

MD5

38f54f08708c887b1e944025a97863b7

SHA256

f6adf38d068773afaefbd23976e26aae04861d4e4f33793076f29fa2f4ff69a3

Family

Loki

 

(5)

Sender ip

199.10.31.237

From

"Anil Kini A <anil_athmananda@heisco.com>"

Subject

"RFQ -PIPE FITTINGS - FLOWLINE WORKS - NORTH KUWAIT - KOC - RFP 2070599, RFP 2075101 & RFP 2073681"

Attachment

"RFQ - FLOWLINE MATERIALS - NORTH KUWAIT.IMG"

MD5

c98746731e3cc7d4b33089fdc891ec74

SHA256

1a9f582caaf734e55f3ff8fec08fb5cabf0fd8b60f9a498f6002229f21467442

Family

SnakeKeylogger

 

(6)

Sender ip

91.205.41.4

From

"Engr. Ghazanfar Raza" <ghazanfar@sgbmdxb.com>"

Subject

"SHIPPING DOCUMENTS"

Attachment

"SHIPPING DOCUMENT.rar"

MD5

f0535bce8d4936cf3c5d82231cf11465

SHA256

09e27e5b6a2d77f8f6333a42b78558febd301da9c9ebabd392df9958a2eb9203

Family

Unknown


(7)

Sender ip

185.222.57.149

From

"maurorayo"<maurorayo@merquimiacolombia.com>"

Subject

"RE:New Purchase Order/Photo-Samples"

Attachment

"Photo-Sample 7t09250..zip"

MD5

152ae6df279e55ac46a37ed95d6ec17b

SHA256

dd107a0e1045f7f057b77233b622cfacb3e9f5e628cf0698d029eaa881a6c409

Family

AgentTesla

  If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥  

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA


Comments

Post a Comment

Popular posts from this blog

IOCs 7_8_2021

Image
  (1) File Name Netflix Checker AutoProxy.rar Created process Qsbb.exe Connected (Ip/Dns) Fhruhceio[.]eu5[.]org MD5 54407258f1e20055897fe7dad504a5dc SHA256 4c54592475d4636eb0fe0555dbe44813332059d787c755571797484b87983a50 Family njRAT   (2) File Name Start.exe Created process yGYkD7gHOX.exe Connected (Ip/Dns) Telete[.]in MD5 e123bd2a5d074027510e792b92bce913 SHA256 245c87b29983815f1bad519d8490e4fae064ec3f4788781f3944cbe4ad7e8e8b Family Raccoon   (3) File Name Banco do Brasil_eDeclaração_SMX_046_6-08-2021_SWIFT.COPY.exe Created process Banco do Brasil_eDeclaração_SMX_046_6-08-2021_SWIFT.COPY.exe Connected (Ip/Dns) www[.]transinta[.]com MD5 c5
Read more

Phishing Attacks 23_4_2022

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course   (1) Sender ip 180.214.238.82 From "Dang Thi Thu Hien<hiendang@panpacific.co.kr>" Subject "RE: [SSC CS] F22 03/09 Buy Shipping request_04062022" Attachment "SEALOGISTICS DEBIT NOTE.zip" MD5 add8e964a595d7af30f02783943c3a00 SHA256 24f6485539bc5d700d17ec8d629827ea80dfae2eb2189e872f4b8ae0e7f1d66f Family AgentTesla   If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .         (2) Sender ip 138.197.200.182 From "Nguyen Thi Quy <nguyen@47.fximnii.sbs>" Subject "RE: Purchase Inquiry: KPC/PU-231(MECH)NBI/20-22"
Read more

Phishing Attacks 15_2_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 137.184.90.200 From "<zita@anthonybirch.ml>" Subject "Attached our formal P/O : 4501226854." Attachment "PO - 4501226854,pdf (1).iso" MD5 9addd85060db79af3b0ac0e3011c69c1 SHA256 b0b0135c292340ab5993a9f2bea6f3f6e6478fb5883fe2e1ef67c60cf3dd0944 Family Formbook   (2) Sender ip 143.198.41.151 From "Gilbert Anderson <info@digimaincheckshower.com>" Subject "Please accept my applicant " Attachment "Approvald-32134.doc" MD5 40582aacc0f7f8a0946a64249dae4767 SHA256 1b97ac97a845c9f63cf7308e3f6f983
Read more