Phishing Attacks 11_7_2021
If you wanna learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
Sender IP | 212.60.13.5 |
From | "Cosco shipping specialized carriers<liuhs@coscol.com>" |
Subject | "m/v da tong yun agency appointment for discharging operations" |
Attachment | "Ship’s particular.rar" |
MD5 | 4f7f9324e75de01aa60820a776fb25e2 |
SHA256 | 0ccdca6011b0a5dd0118d0deb07137f53345839ca85fda38d709a17febb074a5 |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(2)
Sender IP | 103.239.139.219 |
From | "russel <marcom@iecsindia.com>" |
Subject | "Fulhamfc Cement Price Quotation DT List" |
Attachment | "DT2252 BOS.gz" |
MD5 | 614592789d56827fe664831674eb9650 |
SHA256 | d56d36d121295266d17ff7570ca55fa3ed3840cc0667150b8a5412e4fdfb6508 |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(3)
Sender IP | 162.144.199.237 |
From | "Lilian Yeung <Lilianyeung@savit.co.in>" |
Subject | "Re:Re: Overdue payment receipt" |
Attachment | "BANK TT COPY.iso" |
MD5 | 5e991f063bf4e0faddbe9db42c7df98e |
SHA256 | 8a88254008e213933c24ff5f10c2669d8c68847e76a00caf9c593fb536144fb9 |
Family | Formbook |
(4)
Sender IP | 103.232.55.10 |
From | "william.norenj@brenntag-asia.com <william.norenj@brenntag-asia.com>" |
Subject | "PURCHASE ORDER-057 (K612 HYDRO HEATER STARCH)." |
Attachment | "P.O.zip" |
MD5 | 94bce03a40c993a6d5067231dc2c1d96 |
SHA256 | 98f4f35c5f870c316e3f49f45b88a690ac6a8a38554a56eafa6e78d2133c1e8b |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(5)
Sender IP | 104.168.170.242 |
From | "CMS Payment Team"<dennis@longdat.pw>" |
Subject | "Fri, 09 Jul 2021 06:13:00 -0700" Subject: "Credit Notification" |
Attachment | "Beneficiary_Details.zip" |
MD5 | 3df8ccee70602c1e07a132133b28b5be |
SHA256 | 925bae006f387d71926aae4caa329f74d8f7d63b2bdc979b4823c8481b4597cc |
Family | Formbook |
(6)
Sender IP | 185.50.197.96 |
From | "John Chen <smtp-1nbxo@intokutravel.com>" |
Subject | "9 Jul 2021 14:23:25 +0100" Subject: "rfq Invoice" |
Attachment | "Purchase OrderPDF.zip" |
MD5 | af98fb002c142d1dd59cc2c396c87ce9 |
SHA256 | c74be4460e00af962d51e8bc1c9f0f57df1669b558993769afd621af94fc9ef6 |
Family | Formbook |
(7)
Sender IP | 103.155.80.90 |
From | "Purchasing Manager"<cheryl@acmelaser.cn>" |
Subject | "Re:Re:Re: Additional New Order & Request for catalog and price list" |
Attachment | "RFQ#20210709.ISO" |
MD5 | 3f94090e74aa6b2866be9dac6414523f |
SHA256 | 6605187766e50cfa608d95f9379a38d4b2e7933a74b50b6b56cac288846007bb |
Family | Loki |
(8)
Sender IP | 103.155.80.90 |
From | "Purchasing Manager"<cheryl@acmelaser.cn>" |
Subject | "Re:Re:Re: Additional New Order & Request for catalog and price list" |
Attachment | "NEW ORDER.zip" |
MD5 | 35b34ec6dfed891e23a4a63aec049e1c |
SHA256 | 0375f45e25b7fca1f49141cd56cf164e09c43c210778b126e91b385d84961efc |
Family | Loki |
(9)
Sender IP | 185.222.57.200 |
From | "Eng Mustansir Maimoonn <mgil0x01@gmail.com>" |
Subject | "QUOTATION REQUIRED POTOMAC RFQ 201901959" |
Attachment | "RFQ 201901959.gz" |
MD5 | ddd30de309a495fea943ef89dc765d2f |
SHA256 | e1ef065cd157c841b27258689c292a341b058e09cff7707ea3c8267bf17bcc6c |
Family | SnakeKeylogger |
If you wanna learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA