Phishing Attacks 7_7_2021
(1)
Sender ip | 77.247.110.77 |
From | "Mohamed , Eldaly <m.eldaly@petrozenima.com.eg>" |
Subject | "INVITATION TO TENDER NO MAT. 021/PJTS/2021 FOR THE PROVISION OF SUPPLY Instrument Bulk Material" |
Attachment | "INVITATION TO TENDER NO MAT 021 PJTS 021 FOR THE PROVISION OF SUPPLY Instrument Bulk Material exe.img" |
MD5 | 35d1dfede00cba54d90273491df9b05c |
SHA256 | 518278cdbf87c6e43a3d8949cd14671a97a8450021ee8562609988abef8df79e |
Family | SnakeKeylogger |
(2)
Sender ip | 45.137.22.110 |
From | "svl@mbsugars.com" |
Subject | "RE: PAYMENT INSTRUCTIONS" |
Attachment | "PAYMENT INSTRUCTIONS COPY.r00" |
MD5 | 1d1dcc5646b028d46968d6fbcd2bd747 |
SHA256 | 835072bb77faa9d142e5ab3e77b10a6f22f6a4d15277f28928dc5d09f87adbdb |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(3)
Sender ip | 185.222.57.72 |
From | "=?UTF-8?B?VGlmZmFueSBGZW5n6aau6JCN6JCN?=<tiffany.feng@lotes.com.cn>" |
Subject | "RE: Statement Of Account" |
Attachment | "S O A -44E45T76468.zip" |
MD5 | 5078f73f3f744867e6c5e07cda5b5120 |
SHA256 | 4092cc3841bc5e1377fb65e343cb837f0255e33d2194c3b24c8dde82a28511ba |
Family | AgentTesla |
(4)
Sender ip | 202.6.17.96 |
From | "AVR <traveloka@avisthailand.com>" |
Subject | "AVR Signing JULY 07 2021" |
Attachment | "AVR JULY 2021.xz" |
MD5 | bf5029e55445e550dcd79bbed68f6499 |
SHA256 | d76ef633fc30a0fa009064ec2dc22a7d204be5c7e910622cb741cb01d434f1d7 |
Family | Formbook |
(5)
Sender ip | 66.154.98.178 |
From | "Albert Kwok albert.kwok@socomec.com" |
Subject | "=?UTF-8?B?5Zue5aSN77ya5Zue5aSNOiBXMjc4LTAwMyBSRlEgT3JkZXIgIyAxNzI4MTY1MSAtLSBBQlMgTWF0ZXJpYWxzIFVSR0VOVCBRVU9URSA=?=" |
Attachment | "RFQ#17281651.zip" |
MD5 | ecd9624c1db90c4d37c9c13134e7b530 |
SHA256 | b5a94ffe5202310edc5f0b2282060bdebfc81e0b1c384034e3a0865f21bd253b |
Family | AgentTesla |
(6)
Sender ip | 77.247.110.64 |
From | "<michelle.ludlow@dssmith.com>" |
Subject | "New Order" |
Attachment | "New Order.r11" |
MD5 | 6dfd3f441cba3bff01eb967ebab0e8ee |
SHA256 | 7c4503efb86aa0f5f353c73a94b14a3e8bf54f3964327f9ef51e6862ca9a8258 |
Family | AgentTesla |
(7)
Sender ip | 185.222.57.72 |
From | "Jenny Ngai <jenny@usienet.com>" |
Subject | "RE:ULP202109013K" |
Attachment | "NEW PO.zip" |
MD5 | 12f0821def797484f5ac6f71c7df8603 |
SHA256 | 12b8f8db5494b23f78d646a7f0cf283e5785cab44159e93bf248959d242b4172 |
Family | AgentTesla |
(8)
Sender ip | 103.139.44.91 |
From | "Birgitta Ulander-Persson"<birgitta.ulander-persson@infranordic.se>"via infranordicab.onmicrosoft.com" |
Subject | "RE Re : confirm attached bank account" |
Attachment | "bank account details pdf.rar" |
MD5 | 706be901d98176933656792f16bcee15 |
SHA256 | da64f486e27687603d8c053ff40ecc4f4a2028786fa0aaee4ccffd370d87dee2 |
Family | Unknown |
(9)
Sender ip | 199.10.31.237 |
From | "=?UTF-8?B?U2ltZ2Ugw5ZaU09ZIC0gSW1wb3J0cyBEZXBhcnRtZW50?= <admin@nrsssss.com>" |
Subject | "Request for Proforma Invoice" |
Attachment | "PI.7.7.2021.r00" |
MD5 | 59fd37d3409280d9a1f14186d336863d |
SHA256 | 9627f98b6a50fed8620dae19198edfce38b9ac6e405431ef3b02f90a3904aaa2 |
Family | AgentTesla |
(10)
Sender ip | 213.246.110.56 |
From | "British petroleum <behar.halilaj@oekg-ks.org>" |
Subject | "M/S OIL AND GAS/EQUIPMENT- GREATER NILE PETROLEUM OPERATING COMPANY (GNPOC)FOR EPCCOF EXPORT OIL/EQUIPMENT QUALITY IMPROVEMENT." |
Attachment | "EPCC Of Export Oil and gas equipment.tar" |
MD5 | 03454dfa6abb4bf48c7926b028d348af |
SHA256 | 422f8e8038736caf2381d8f88914959d502951fe70d41d9d40eb6b53e1016a87 |
Family | SnakeKeylogger |
(11)
Sender ip | 213.246.110.56 |
From | "British petroleum <behar.halilaj@oekg-ks.org>" |
Subject | "M/S OIL AND GAS/EQUIPMENT- GREATER NILE PETROLEUM OPERATING COMPANY (GNPOC)FOR EPCCOF EXPORT OIL/EQUIPMENT QUALITY IMPROVEMENT." |
Attachment | "RFQ No. ECOQI-MEC-001.tar" |
MD5 | 2e6d0e61cde02a90610274275ef681d3 |
SHA256 | d5686602a6cebb0686fdaf3622b496da827f92760b8c5638a27a46ec93208e20 |
Family | SnakeKeylogger |
(12)
Sender ip | 185.222.57.89 |
From | "mahendrakr.sharma@nbcbearings.in" |
Subject | "RE: Payment Details - 0000012638" |
Attachment | "Payment Details.zip" |
MD5 | 5b3f3d094c10b6aac465b3f6a7a6899a |
SHA256 | c8b2192f933e3b3124abbf20d43e8de51cfceea1469ef40413d3fc83d98c8d03 |
Family | SnakeKeylogger |
If you wanna learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA