Phishing Attacks 5_8_2021

 


If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here 👇.

My Udemy course

(1)

Sender ip

213.142.132.19

From

"Nuria Cabo <nuriacabo@urianet.com>"

Subject

"IMPORTE 347 Y FACTURA PENDIENTE DE PAGO"

Attachment

"21.08.0260.rar"

MD5

f2041a9ab4cb5317a7a563b711463a94

SHA256

17b5d1c0ba36bc24ac297279e0388d57b8bf5e5cbdbf408e7592627af8f0bf6f

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.


(2)

Sender ip

203.159.80.109

From

"Ludwig Reiner <info@sagtaur.com>"

Subject

"CAN YOU SUPPLY IN A REQUIREMENTS ORDER CONTRACT?"

Attachment

"P.O Contract #007676.r01"

MD5

8c093f5b8a7931a73a9cb03245990d80

SHA256

69fb385f09b26bb2d7a720f53cd4491bc4406860b0889bc8ad25c3ff37f983c1

Family

Formbook

 

(3)

 

Sender ip

136.144.41.60

From

"Celine Meier"<ops@hanseelb.de>"

Subject

"MV Evaluna // port enquiry"

Attachment

"Evaluna description.zip"

MD5

497cad6bb8a5a173d1de40158d17e880

SHA256

2a94b70b3e30d5bb002f48cb8ae7855d060f71c0d79ad4be4117f3024810ef12

Family

SnakeKeylogger

 

(4)

 

Sender ip

139.59.44.121

From

"<info@hyundaichenab.com>"

Subject

"Fw: Swift Payment Advise urs.lustenberger@lgpartner.ch - Ref: [Eu39174QX01U6] "

Attachment

"Swift Payment.zip"

MD5

369e1851186d2e818147b765ff6a1cea

SHA256

b4c614bf403f35f5b360c419580bd6595783c8d75d5b16daa4824a7787596b3c

Family

Formbook

 

(5)

Sender ip

45.137.22.144

From

"paul@horizontechnos.com"

Subject

"RE: NEW ORDER"

Attachment

"70654 SSEBACT.r15"

MD5

3794526627f434412799c1c770df18a0

SHA256

47240e06964716275c84e0afc9379c7bf1e253da8c1cf28c8ead8d5185814cb6

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(6)

Sender ip

202.55.132.5

From

"Mike Jansen" <StaceyEisenberg@iheartmedia.com>"

Subject

"RE: Re: [Top Urgent] [Top] New Order for P/O: 2070121/SN-WS for Urgent Shipment"

Attachment

"Purchase Order 2070121 SN-WS.Pdf.iso"

MD5

a92f2000f313179189819fa74c20064e

SHA256

0dc3ebc01a431373c4587f2222879eb61b2255c8355bee94e2e62e90483f17cb

Family

Formbook


(7)

Sender ip

37.0.8.149

From

"Jane Shao Zhen Liu" <Jane.Liu@maersk.com>"

Subject

"=?UTF-8?B?UkU6IFVuaWRlbnRpZmllZCBwYXltZW50IC0g6K+35qOA5p+l44CC?="

Attachment

"Payment_check.pdf.iso"

MD5

890b7c0f09c0bb7f8d539698bb1643d6

SHA256

b911f32ff4fe71ffdabcaefac949d37b087fc16faaa2cf450b56b2f3f9c14a8d

Family

NanoCore

If you want to know how to analyze NanoCore malware, you can check my analysis on YouTube: NanoCore.

(8)

Sender ip

185.222.57.75

From

"Yasser Gamal<ygamaleldin@awazel.com>"

Subject

"Re: Re: Fw: Download the attachment file to confirm outstanding amount."

Attachment

"Outstanding Amount.r00"

MD5

20c91fe068e8c73ac194398c87118b59

SHA256

757e30d7a402856bd55c4a8f84cab25fcc1e01f3b7365cce3e91a7775322987c

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(9)

Sender ip

81.21.70.244

From

"DHL Express <consignments-notification@dhl.com>"

Subject

"=?UTF-8?Q?DHL=E5=8D=95=E5=8F=B7__SHIPMENT_NOTIFICATION_FOR_INCOM?=

=?UTF-8?Q?ING__AIR_WAYBILL?="

Attachment

"RECEIPT_pdf.rar"

MD5

312062576b8c6ce5e204e37f5745bd52

SHA256

c881770186468637dd024971988c9147593f437833e767e6ca252be27b7ca82b

Family

AZORult


(10)

Sender ip

185.222.57.68

From

"HIEN" <hiendt2@tbsgroup.vn>"

Subject

"New order from Milan Hien"

Attachment

"SALES ORDER.zip"

MD5

599dfa297a7933c72569f0a715a94e5a

SHA256

0c8b4552d5808ddc4dac11749b00e950fc815824500944ed75a32ca46281e105

Family

Unknown

 

(11)

Sender ip

155.94.142.140

From

"=?UTF-8?B?T3LDp3VuIFZhcm9sc3Vu?=<ovarolsun@akimmetal.com.tr"

Subject

"210803 RFQ of New Project(Akimmetal W452-001)_Rev2"

Attachment

"W452-001.zip"

MD5

1aa098f1192085265284be05137384f3

SHA256

61ff536f01689f4b04f0ab41d3f6e217391f255191893f1faedd6334a72faa36

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel

