Phishing Attacks 30_7_2021
If you wanna learn how to detect phishing emails by eye, you can check my Udemy course here.
(1)
| Sender IP | 202.55.132.5 |
| From | "Julie Han <FRANK.LUPU@lupufinancial.com>" |
| Subject | "RE: Invoice & Packing list For Sea Shipment" |
| Attachment | "Invoice & Packing list For Sea Shipment.iso" |
| MD5 | cfe950b674ca05aa5724f225095fc8a4 |
| SHA256 | 246909611827ef01c98ced2c15a219bad01d7011a67a73951471733ea1daa134 |
| Family | Formbook |
(2)
| Sender IP | 45.137.22.57 |
| From | "Mark Andrew <sales@csl-group.com>" |
| Subject | "VM Accord, ORDER: TKHA-A88160011B" |
| Attachment | "VM Accord, ORDER TKHA-A88160011B.pdf.zip" |
| MD5 | 392fa485723aa7918db7b3101d1401e8 |
| SHA256 | df6ab43d89e380d7a43c64bfb7ee757a9d37647af7eff468f2dc539f25ee254e |
| Family | SnakeKeylogger |
(3)
| Sender IP | 165.22.106.170 |
| From | "Juan Tirado <viki@putues.de>" |
| Subject | "EFT-INV9873838 (Description Payment)" |
| Attachment | "Out-going Wire Confirmation!!!! 29072021.ppt" |
| MD5 | 84bf8928e67f5073047723334bcd8450 |
| SHA256 | 50f81267312d2ee6a0d11886c37d1c26fe3ee364621d2872cf1c78dcef963171 |
| Family | Unknown |
(4)
| Sender IP | 45.137.22.75 |
| From | "umesh@alrabihtrading.com" |
| Subject | "RE: PAYMENT INSTRUCTIONS" |
| Attachment | "PAYMENT INSTRUCTIONS COPY.r00" |
| MD5 | bf32e75153e858642e095012ce595dd2 |
| SHA256 | cc864620585ae172787de5e6741efd42ad78de1dfc8d30f878de5e3a6a946e4d |
| Family | AgentTesla |
(5)
| Sender IP | 192.3.92.176 |
| From | "Panchal, Hardik<info@mx-web.live>" |
| Subject | "RE: DN/PO/21/01237" |
| Attachment | "Purchase Order #01678_pdf.cab" |
| MD5 | 0085360e9f3c7a2fe97ac711a477fe11 |
| SHA256 | 828166a252488c31b94ea6f10341be21ffc9f622737e98470c98ceec191ee1e8 |
| Family | Formbook |
(6)
| Sender IP | 77.247.110.225 |
| From | "DHL EXPRESS<jerin.benjamin@dhl.com>" |
| Subject | "Consignment-Notification: You have a parcel" |
| Attachment | "Orignal Shipping document,pdf.r09" |
| MD5 | 9aa40f2922f208ed13b1b6ab468fbca5 |
| SHA256 | 3e41e5dc3faee3045df1471650f0252eb581c7907614fa9f404000d2fbcc92e1 |
| Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(7)
| Sender IP | 45.14.9.100 |
| From | "Madiha Rasheed<madha@technogroupllc.com>" |
| Subject | "Request for quotation" |
| Attachment | "RFQ file_pdf.gz" |
| MD5 | e499c6056afc8e822c936888061c0b4c |
| SHA256 | c5c0c1dc1b82ded99f843bdce1ab3d44bff352bcdd6c934afe80577474738a43 |
| Family | Loki |
If you wanna learn malware analysis, you can check my YouTube channel. I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA