Phishing Attacks 30_7_2021

 


If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here 👇.

My udemy course

(1)

Sender ip

202.55.132.5

From

"Julie Han" <FRANK.LUPU@lupufinancial.com>"

Subject

"RE: Invoice & Packing list For Sea Shipment"

Attachment

"Invoice & Packing list For Sea Shipment.iso"

MD5

cfe950b674ca05aa5724f225095fc8a4

SHA256

246909611827ef01c98ced2c15a219bad01d7011a67a73951471733ea1daa134

Family

Formbook

 

(2)

Sender ip

45.137.22.57

From

"Mark Andrew <sales@csl-group.com>"

Subject

"VM Accord, ORDER: TKHA-A88160011B"

Attachment

"VM Accord, ORDER TKHA-A88160011B.pdf.zip"

MD5

392fa485723aa7918db7b3101d1401e8

SHA256

df6ab43d89e380d7a43c64bfb7ee757a9d37647af7eff468f2dc539f25ee254e

Family

SnakeKeylogger

 

(3)

 

Sender ip

165.22.106.170

From

"Juan Tirado <viki@putues.de>"

Subject

"EFT-INV9873838 (Description Payment)"

Attachment

"Out-going Wire Confirmation!!!! 29072021.ppt"

MD5

84bf8928e67f5073047723334bcd8450

SHA256

50f81267312d2ee6a0d11886c37d1c26fe3ee364621d2872cf1c78dcef963171

Family

Unknwon

 

(4)

 

Sender ip

45.137.22.75

From

"umesh@alrabihtrading.com"

Subject

"RE: PAYMENT INSTRUCTIONS"

Attachment

"PAYMENT INSTRUCTIONS COPY.r00"

MD5

bf32e75153e858642e095012ce595dd2

SHA256

cc864620585ae172787de5e6741efd42ad78de1dfc8d30f878de5e3a6a946e4d

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(5)

Sender ip

192.3.92.176

From

"Panchal, Hardik<info@mx-web.live>"

Subject

"RE: DN/PO/21/01237"

Attachment

"Purchase Order #01678_pdf.cab"

MD5

0085360e9f3c7a2fe97ac711a477fe11

SHA256

828166a252488c31b94ea6f10341be21ffc9f622737e98470c98ceec191ee1e8

Family

Formbook

 

(6)

Sender ip

77.247.110.225

From

"DHL EXPRESS<jerin.benjamin@dhl.com>"

Subject

"Consignment-Notification: You have a parcel"

Attachment

"Orignal Shipping document,pdf.r09"

MD5

9aa40f2922f208ed13b1b6ab468fbca5

SHA256

3e41e5dc3faee3045df1471650f0252eb581c7907614fa9f404000d2fbcc92e1

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(7)

Sender ip

45.14.9.100

From

"Madiha Rasheed<madha@technogroupllc.com>"

Subject

"Request for quotation"

Attachment

"RFQ file_pdf.gz"

MD5

e499c6056afc8e822c936888061c0b4c

SHA256

c5c0c1dc1b82ded99f843bdce1ab3d44bff352bcdd6c934afe80577474738a43

Family

Loki

If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥  

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA



Comments

Post a Comment

Popular posts from this blog

Phishing Attacks 23_4_2022

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course   (1) Sender ip 180.214.238.82 From "Dang Thi Thu Hien<hiendang@panpacific.co.kr>" Subject "RE: [SSC CS] F22 03/09 Buy Shipping request_04062022" Attachment "SEALOGISTICS DEBIT NOTE.zip" MD5 add8e964a595d7af30f02783943c3a00 SHA256 24f6485539bc5d700d17ec8d629827ea80dfae2eb2189e872f4b8ae0e7f1d66f Family AgentTesla   If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .         (2) Sender ip 138.197.200.182 From "Nguyen Thi Quy <nguyen@47.fximnii.sbs>" Subject "RE: Purchase Inquiry: KPC/PU-231(MECH...
Read more

Phishing Attacks 3_3_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 45.137.22.124 From "Cheng Yong"<rosa@franball.net>" Subject "RV: Shipping advice - 2nd container under ct.876" Attachment "SHIPPING ADVICE#202203.zip" MD5 aa2d18552a8d5041e4c757cee09f2c4d SHA256 0628b564bad3c4e59644e91398899f88143aa2eb3473e720270fb1566c628d60 Family AgentTesla If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .       (2) Sender ip 2.56.56.35 From "contato@vastoverde.com.br" Subject "fwd :Outstanding Remittance payment" Attachment "receipt_pdf.z" ...
Read more

Phishing Attacks 15_12_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 37.0.10.173 From "Mona Bharti <m.bhart@frigel.com>" Subject "Purchase Order 1212200205_PR21220055" Attachment "Purchase Order 1212200205_PR21220055.zip" MD5 5e1c9b4e130a7a9bb68ed6e6f414ff20 SHA256 0ba7a7c7189d5bcd38048ba7418ff521d6a00ab36804b8980c4d51ba43fcf070 Family AgentTesla If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .          (2) Sender ip 45.137.22.181 From "ajay.katoch@unilever.com" Subject "RE: invoice & packing list for shipping order no. 411301" Attachment ...
Read more