Phishing Attacks 8_7_2021

 



If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here 👇.

My udemy course

(1)

Sender ip

84.38.133.132

From

"ictmetal@trade.com"

Subject

"PURCHASE/EXEMPTION FORM AND AFFIDAVIT"

Attachment

"PO 3457773.rar"

MD5

328821654fecebddcc402b10705fa03d

SHA256

0dd0cbdc766310fa6b10c486c54b1e305de4c181a1a196fbb7b6332e96df18b7

Family

Unknown

 


(2)

Sender ip

185.222.57.72

From

"Salie Nguyen <salie@smartelegant.com>"

Subject

"RE: RE:BOOKING"

Attachment

"246838YE82728.zip"

MD5

17a44f2ca97c2950cd3f134fa0e252d2

SHA256

8c7a0645cad5d25e00158d747daf737d9404eb444129cdc0e5bd8368a28622ba

Family

Unknown

 

(3)

 

Sender ip

64.8.71.14

From

"Paul <heberling@fuse.net>"

Subject

"Draft minutes of the June 8th St. Lawrence Finance Committee meeting"

Attachment

"2021 06 08 St. L. Finance Committee Meeting Minutes DRAFT.docx"

MD5

a6cf689c0a2a3013fa4661c6d9255f4b

SHA256

ff57c132353cebca6073e686127cb1511cc28bdeeb6d8b514b82d769a17275b9

Family

Unknown

 


(4)

 

Sender ip

45.72.78.36

From

"export@zeoprofit.gr"

Subject

"RE: Saudi Arabai Market."

Attachment

"PO_M050417.zip"

MD5

af6e21b8d70dd40cb1ffb0695f29ecc4

SHA256

40e3f1a6efb6ab28557cccb02b35810c41f7da21faf3d10976de693a278ff16d

Family

Unknown

 

(5)

Sender ip

45.72.78.36

From

"export@zeoprofit.gr"

Subject

"30 % order advance "

Attachment

"PO_LRTC17086.zip"

MD5

7f0230c48b78f26b226bfab9b28f51b9

SHA256

ffaa83970c7e63b1170180e13182f12de2db59777deb86d40c268c02cad2fe9d

Family

unknown

 

(6)

Sender ip

135.181.157.225

From

"VALERIE ANN <sales06@topworld-logistics.com>"

Subject

"RE: PAYMENT CONFIRMATION and OUTSTANDING SOA"

Attachment

"Payment Advice.zip"

MD5

2b5ee24d71e0629224da67934e21c517

SHA256

ab6ccb5d8a14024c9e504940f8b87f5289ccb12febd76ebc492c14ced68c9cf4

Family

Unknown


(7)

Sender ip

185.222.57.89

From

"Melroy Paul<melroy.p@tradexme.com>"

Subject

"RE: URGENT QUOTATION"

Attachment

"QUOTATION...0163E.rar"

MD5

5a0191a447f4c36acd9e367b72bf8208

SHA256

e4a289ae637ddecd306e8b971b78781e17e1a9f8e772234cc6db8d723a81bbce

Family

Unknown


(8)

Sender ip

185.222.57.162

From

"ramshiniarezoo@yahoo.com"

Subject

"INVOICE#0989788"

Attachment

"090000000.zip"

MD5

5f2a2f8a6f8fbabb7e60988b6853b8e4

SHA256

a5540e6a974ffc5879d8a7398e96655c2705b0b5941e434624fc6ec50e810c26

Family

Unknown

 

(9)

Sender ip

103.232.55.10

From

"william.norenj@brenntag-asia.com <william.norenj@brenntag-asia.com>"

Subject

"PURCHASE ORDER-057 (K612 HYDRO HEATER STARCH)."

Attachment

"P.O.zip"

MD5

d44653a735464334813f90098bf9e260

SHA256

376dabd24e85f0eb6f5252b8f7fa563647281a2dab567d91c622061ac10d38b0

Family

Unknown

 

(10)

Sender ip

103.155.81.50

From

"Muhammad Yaseen <qakhan@nrc.com.sa>"

Subject

"Re: CV / Application for the post of Export Documentation and/or Operation Assistant / Pricing"

Attachment

"CV CREDENTIALS.z"

MD5

64a7e5d8bb5f5393567f5aa1ea4fa864

SHA256

f211b369e8e092fc3f8a22b540e320d4487452cdadaa9cfb272fabb921dd48e3

Family

Unknown

 

(11)

Sender ip

77.247.110.77

From

"Mohamed , Eldaly <m.eldaly@petrozenima.com.eg>"

Subject

"INVITATION TO TENDER NO MAT. 021/PJTS/2021 FOR THE PROVISION OF SUPPLY Instrument Bulk Material"

Attachment

"INVITATION TO TENDER NO MAT 021 PJTS 021 FOR THE PROVISION OF SUPPLY Instrument Bulk Material(1).mds.img"

MD5

fb50c40a28c3bfeef88d80b957fca112

SHA256

45b026d5c1d558da8885aa47b50444f9841032644171f9a5e449038f97d06fc7

Family

Unknown

 

(12)

Sender ip

185.222.57.72

From

"Ghena Fakhran<ghenas@fakhranfoods.com>"

Subject

"Fw: swift requirement"

Attachment

"SWIFT CONFIRMATION.zip"

MD5

109eb95352ffa58f19febfe4b827456b

SHA256

b6fe74e598a0e60019b7b87ce6416d4c66ba429d548c09f8e0631fddb58613a7

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(13)

Sender ip

185.222.57.89

From

Amar Pakerh<amar.md@buamimmarble.com>

Subject

"RE: RFQ- WORKTOP -FINTD-RT-18-193-R0"

Attachment

"RFQ- 07-023 Quo7-877253.rar"

MD5

c40cc3aa40f6d604e1b26d2d1e220dc3

SHA256

2b4219e8a06702279e71778d097bcd122766a44d07827c5834768ac9463c7b65

Family

Unknown

If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥  

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA

 



Comments

Post a Comment

Popular posts from this blog

IOCs 7_8_2021

Image
  (1) File Name Netflix Checker AutoProxy.rar Created process Qsbb.exe Connected (Ip/Dns) Fhruhceio[.]eu5[.]org MD5 54407258f1e20055897fe7dad504a5dc SHA256 4c54592475d4636eb0fe0555dbe44813332059d787c755571797484b87983a50 Family njRAT   (2) File Name Start.exe Created process yGYkD7gHOX.exe Connected (Ip/Dns) Telete[.]in MD5 e123bd2a5d074027510e792b92bce913 SHA256 245c87b29983815f1bad519d8490e4fae064ec3f4788781f3944cbe4ad7e8e8b Family Raccoon   (3) File Name Banco do Brasil_eDeclaração_SMX_046_6-08-2021_SWIFT.COPY.exe Created process Banco do Brasil_eDeclaração_SMX_046_6-08-2021_SWIFT.COPY.exe Connected (Ip/Dns) www[.]transinta[.]com MD5 c5
Read more

Phishing Attacks 23_4_2022

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course   (1) Sender ip 180.214.238.82 From "Dang Thi Thu Hien<hiendang@panpacific.co.kr>" Subject "RE: [SSC CS] F22 03/09 Buy Shipping request_04062022" Attachment "SEALOGISTICS DEBIT NOTE.zip" MD5 add8e964a595d7af30f02783943c3a00 SHA256 24f6485539bc5d700d17ec8d629827ea80dfae2eb2189e872f4b8ae0e7f1d66f Family AgentTesla   If you wanna know how to analysis AgentTesla Malware you can      check my analysis in YouTube   AgentTesla .         (2) Sender ip 138.197.200.182 From "Nguyen Thi Quy <nguyen@47.fximnii.sbs>" Subject "RE: Purchase Inquiry: KPC/PU-231(MECH)NBI/20-22"
Read more

Phishing Attacks 15_2_2021

Image
  If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here  . My udemy course (1) Sender ip 137.184.90.200 From "<zita@anthonybirch.ml>" Subject "Attached our formal P/O : 4501226854." Attachment "PO - 4501226854,pdf (1).iso" MD5 9addd85060db79af3b0ac0e3011c69c1 SHA256 b0b0135c292340ab5993a9f2bea6f3f6e6478fb5883fe2e1ef67c60cf3dd0944 Family Formbook   (2) Sender ip 143.198.41.151 From "Gilbert Anderson <info@digimaincheckshower.com>" Subject "Please accept my applicant " Attachment "Approvald-32134.doc" MD5 40582aacc0f7f8a0946a64249dae4767 SHA256 1b97ac97a845c9f63cf7308e3f6f983
Read more