Phishing Attacks 5_8_2021
If you wanna learn how to detect phishing emails only by your eye , you can check my udemy course here 
.
(1)
|
Sender ip |
213.142.132.19 |
|
From |
"Nuria Cabo
<nuriacabo@urianet.com>" |
|
Subject |
"IMPORTE 347 Y FACTURA PENDIENTE
DE PAGO" |
|
Attachment |
"21.08.0260.rar" |
|
MD5 |
f2041a9ab4cb5317a7a563b711463a94 |
|
SHA256 |
17b5d1c0ba36bc24ac297279e0388d57b8bf5e5cbdbf408e7592627af8f0bf6f |
|
Family |
AgentTesla |
(2)
|
Sender ip |
203.159.80.109 |
|
From |
"Ludwig Reiner
<info@sagtaur.com>" |
|
Subject |
"CAN YOU SUPPLY IN A REQUIREMENTS
ORDER CONTRACT?" |
|
Attachment |
"P.O Contract #007676.r01" |
|
MD5 |
8c093f5b8a7931a73a9cb03245990d80 |
|
SHA256 |
69fb385f09b26bb2d7a720f53cd4491bc4406860b0889bc8ad25c3ff37f983c1 |
|
Family |
Formbook |
(3)
|
Sender ip |
136.144.41.60 |
|
From |
"Celine
Meier"<ops@hanseelb.de>" |
|
Subject |
"MV Evaluna // port enquiry" |
|
Attachment |
"Evaluna description.zip" |
|
MD5 |
497cad6bb8a5a173d1de40158d17e880 |
|
SHA256 |
2a94b70b3e30d5bb002f48cb8ae7855d060f71c0d79ad4be4117f3024810ef12 |
|
Family |
SnakeKeylogger |
(4)
|
Sender ip |
139.59.44.121 |
|
From |
"<info@hyundaichenab.com>" |
|
Subject |
"Fw: Swift Payment Advise
urs.lustenberger@lgpartner.ch - Ref: [Eu39174QX01U6] " |
|
Attachment |
"Swift Payment.zip" |
|
MD5 |
369e1851186d2e818147b765ff6a1cea |
|
SHA256 |
b4c614bf403f35f5b360c419580bd6595783c8d75d5b16daa4824a7787596b3c |
|
Family |
Formbook |
(5)
|
Sender ip |
45.137.22.144 |
|
From |
"paul@horizontechnos.com" |
|
Subject |
"RE: NEW ORDER" |
|
Attachment |
"70654 SSEBACT.r15" |
|
MD5 |
3794526627f434412799c1c770df18a0 |
|
SHA256 |
47240e06964716275c84e0afc9379c7bf1e253da8c1cf28c8ead8d5185814cb6 |
|
Family |
AgentTesla |
(6)
|
Sender ip |
202.55.132.5 |
|
From |
"Mike Jansen"
<StaceyEisenberg@iheartmedia.com>" |
|
Subject |
"RE: Re: [Top Urgent] [Top] New
Order for P/O: 2070121/SN-WS for Urgent Shipment" |
|
Attachment |
"Purchase Order 2070121
SN-WS.Pdf.iso" |
|
MD5 |
a92f2000f313179189819fa74c20064e |
|
SHA256 |
0dc3ebc01a431373c4587f2222879eb61b2255c8355bee94e2e62e90483f17cb |
|
Family |
Formbook |
(7)
|
Sender ip |
37.0.8.149 |
|
From |
"Jane Shao Zhen Liu"
<Jane.Liu@maersk.com>" |
|
Subject |
"=?UTF-8?B?UkU6IFVuaWRlbnRpZmllZCBwYXltZW50IC0g6K+35qOA5p+l44CC?=" |
|
Attachment |
"Payment_check.pdf.iso" |
|
MD5 |
890b7c0f09c0bb7f8d539698bb1643d6 |
|
SHA256 |
b911f32ff4fe71ffdabcaefac949d37b087fc16faaa2cf450b56b2f3f9c14a8d |
|
Family |
NanoCore |
If you wanna know how to analysis NanoCore Malware you can check my analysis in YouTube NanoCore..
(8)
|
Sender ip |
185.222.57.75 |
|
From |
"Yasser
Gamal<ygamaleldin@awazel.com>" |
|
Subject |
"Re: Re: Fw: Download the
attachment file to confirm outstanding amount." |
|
Attachment |
"Outstanding Amount.r00" |
|
MD5 |
20c91fe068e8c73ac194398c87118b59 |
|
SHA256 |
757e30d7a402856bd55c4a8f84cab25fcc1e01f3b7365cce3e91a7775322987c |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(9)
|
Sender ip |
81.21.70.244 |
|
From |
"DHL Express
<consignments-notification@dhl.com>" |
|
Subject |
"=?UTF-8?Q?DHL=E5=8D=95=E5=8F=B7__SHIPMENT_NOTIFICATION_FOR_INCOM?= =?UTF-8?Q?ING__AIR_WAYBILL?=" |
|
Attachment |
"RECEIPT_pdf.rar" |
|
MD5 |
312062576b8c6ce5e204e37f5745bd52 |
|
SHA256 |
c881770186468637dd024971988c9147593f437833e767e6ca252be27b7ca82b |
|
Family |
AZORult |
(10)
|
Sender ip |
185.222.57.68 |
|
From |
"HIEN"
<hiendt2@tbsgroup.vn>" |
|
Subject |
"New order from Milan Hien" |
|
Attachment |
"SALES ORDER.zip" |
|
MD5 |
599dfa297a7933c72569f0a715a94e5a |
|
SHA256 |
0c8b4552d5808ddc4dac11749b00e950fc815824500944ed75a32ca46281e105 |
|
Family |
Unknown |
(11)
|
Sender ip |
155.94.142.140 |
|
From |
"=?UTF-8?B?T3LDp3VuIFZhcm9sc3Vu?=<ovarolsun@akimmetal.com.tr" |
|
Subject |
"210803 RFQ of New
Project(Akimmetal W452-001)_Rev2" |
|
Attachment |
"W452-001.zip" |
|
MD5 |
1aa098f1192085265284be05137384f3 |
|
SHA256 |
61ff536f01689f4b04f0ab41d3f6e217391f255191893f1faedd6334a72faa36 |
|
Family |
AgentTesla |
If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥
YouTube channel
Comments
Post a Comment