Phishing Attacks 2_7_2021
If you wanna learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
Sender IP | 165.227.57.184 |
From | "Info <chin@shinwhai.com>" |
Subject | "Re; Materials quote Purchase Order.#136820254176" |
Attachment | "NL PURCHASE ORDER.zip" |
MD5 | 69d628b5257dbea9d516506ae30c8547 |
SHA256 | 7a0321ba98c2658818ea4fdbc730942042717acee9bf54c37b0f6980e9e469db |
Family | Formbook |
(2)
Sender IP | 165.227.57.184 |
From | "Info <chin@shinwhai.com>" |
Subject | "Re; Materials quote Purchase Order.#136820254176" |
Attachment | "NL 2P PURCHASE ORDER.ARJ" |
MD5 | 16e6493f749c66b3d546d0b8aa8ceee6 |
SHA256 | 2e2be015ab552c5d15996192a744001e9733e7cd2e4b2925c39188e26e5870d5 |
Family | Formbook |
(3)
Sender IP | 103.114.106.156 |
From | "Camille Fairouz" <Fairouz.Saleh@nabors.com> |
Subject | "RE: STATEMENT OF ACCOUNT" |
Attachment | "SOA.xlsx" |
MD5 | ac8866044cc591802c362ea0c64b2e67 |
SHA256 | 45b88a718ddb3b2fc26604437e848ffde80be232ffc50b8426d93097cb122d88 |
Family | AgentTesla |
(4)
Sender IP | 103.28.13.185 |
From | "HSBC Advising Service <medisindo@medisindo.co.id>" |
Subject | "Payment Advice - Advice Ref:[GLV211429671] / ACH credits / Customer Ref:[ACHKACH120210215104455BND] / Second Party Ref:" |
Attachment | "Payment Advice_pdf.gz" |
MD5 | 38f54f08708c887b1e944025a97863b7 |
SHA256 | f6adf38d068773afaefbd23976e26aae04861d4e4f33793076f29fa2f4ff69a3 |
Family | Loki |
(5)
Sender IP | 199.10.31.237 |
From | "Anil Kini A <anil_athmananda@heisco.com>" |
Subject | "RFQ -PIPE FITTINGS - FLOWLINE WORKS - NORTH KUWAIT - KOC - RFP 2070599, RFP 2075101 & RFP 2073681" |
Attachment | "RFQ - FLOWLINE MATERIALS - NORTH KUWAIT.IMG" |
MD5 | c98746731e3cc7d4b33089fdc891ec74 |
SHA256 | 1a9f582caaf734e55f3ff8fec08fb5cabf0fd8b60f9a498f6002229f21467442 |
Family | SnakeKeylogger |
(6)
Sender IP | 91.205.41.4 |
From | "Engr. Ghazanfar Raza" <ghazanfar@sgbmdxb.com> |
Subject | "SHIPPING DOCUMENTS" |
Attachment | "SHIPPING DOCUMENT.rar" |
MD5 | f0535bce8d4936cf3c5d82231cf11465 |
SHA256 | 09e27e5b6a2d77f8f6333a42b78558febd301da9c9ebabd392df9958a2eb9203 |
Family | Unknown |
(7)
Sender IP | 185.222.57.149 |
From | "maurorayo" <maurorayo@merquimiacolombia.com> |
Subject | "RE:New Purchase Order/Photo-Samples" |
Attachment | "Photo-Sample 7t09250..zip" |
MD5 | 152ae6df279e55ac46a37ed95d6ec17b |
SHA256 | dd107a0e1045f7f057b77233b622cfacb3e9f5e628cf0698d029eaa881a6c409 |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my AgentTesla analysis on YouTube.
If you wanna learn malware analysis, you can check my YouTube channel, where I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA