Phishing Attacks 30_7_2021

 


If you want to learn how to detect phishing emails by eye, you can check my Udemy course here 👇.

My Udemy course

(1)

Sender ip

202.55.132.5

From

"Julie Han" <FRANK.LUPU@lupufinancial.com>"

Subject

"RE: Invoice & Packing list For Sea Shipment"

Attachment

"Invoice & Packing list For Sea Shipment.iso"

MD5

cfe950b674ca05aa5724f225095fc8a4

SHA256

246909611827ef01c98ced2c15a219bad01d7011a67a73951471733ea1daa134

Family

Formbook

 

(2)

Sender ip

45.137.22.57

From

"Mark Andrew <sales@csl-group.com>"

Subject

"VM Accord, ORDER: TKHA-A88160011B"

Attachment

"VM Accord, ORDER TKHA-A88160011B.pdf.zip"

MD5

392fa485723aa7918db7b3101d1401e8

SHA256

df6ab43d89e380d7a43c64bfb7ee757a9d37647af7eff468f2dc539f25ee254e

Family

SnakeKeylogger

 

(3)

 

Sender ip

165.22.106.170

From

"Juan Tirado <viki@putues.de>"

Subject

"EFT-INV9873838 (Description Payment)"

Attachment

"Out-going Wire Confirmation!!!! 29072021.ppt"

MD5

84bf8928e67f5073047723334bcd8450

SHA256

50f81267312d2ee6a0d11886c37d1c26fe3ee364621d2872cf1c78dcef963171

Family

Unknown

 

(4)

 

Sender ip

45.137.22.75

From

"umesh@alrabihtrading.com"

Subject

"RE: PAYMENT INSTRUCTIONS"

Attachment

"PAYMENT INSTRUCTIONS COPY.r00"

MD5

bf32e75153e858642e095012ce595dd2

SHA256

cc864620585ae172787de5e6741efd42ad78de1dfc8d30f878de5e3a6a946e4d

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(5)

Sender ip

192.3.92.176

From

"Panchal, Hardik<info@mx-web.live>"

Subject

"RE: DN/PO/21/01237"

Attachment

"Purchase Order #01678_pdf.cab"

MD5

0085360e9f3c7a2fe97ac711a477fe11

SHA256

828166a252488c31b94ea6f10341be21ffc9f622737e98470c98ceec191ee1e8

Family

Formbook

 

(6)

Sender ip

77.247.110.225

From

"DHL EXPRESS<jerin.benjamin@dhl.com>"

Subject

"Consignment-Notification: You have a parcel"

Attachment

"Orignal Shipping document,pdf.r09"

MD5

9aa40f2922f208ed13b1b6ab468fbca5

SHA256

3e41e5dc3faee3045df1471650f0252eb581c7907614fa9f404000d2fbcc92e1

Family

AgentTesla


(7)

Sender ip

45.14.9.100

From

"Madiha Rasheed<madha@technogroupllc.com>"

Subject

"Request for quotation"

Attachment

"RFQ file_pdf.gz"

MD5

e499c6056afc8e822c936888061c0b4c

SHA256

c5c0c1dc1b82ded99f843bdce1ab3d44bff352bcdd6c934afe80577474738a43

Family

Loki

If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA


