Phishing Attacks 7_8_2021
If you want to learn how to detect phishing emails just by eye, you can check my Udemy course here.
(1)

| Field | Value |
|---|---|
| Sender IP | 40.107.237.80 |
| From | "Cadence <cadenceh@thefirmadv.com>" |
| Subject | "Clarification-Tuesday" |
| Attachment | "a. Summary - MED014.docx" |
| MD5 | d75a3f726d5b780c8f294a079902a32f |
| SHA256 | 32de2e309f6b794ef23b504cb8cabdb79a78984c7fc428c6722491c9b32d49cb |
| Family | Unknown |
(2)

| Field | Value |
|---|---|
| Sender IP | 185.222.57.68 |
| From | "shipingping <shipingping@kmfoil.com>" |
| Subject | "RE: SOA FOR JULY MONTH : Convergent Interfreight Co.,Ltd.- Thailand to Seashell Logistics - India" |
| Attachment | "SOA.zip" |
| MD5 | 2cd4216016be95674391ee01fb7469aa |
| SHA256 | 4b7c7ef8d00b24fb61bb332cdce16768544c0db09830e817942affe32f630e48 |
| Family | Unknown |
(3)

| Field | Value |
|---|---|
| Sender IP | 203.159.80.109 |
| From | "Kesavapriya <Kesavapriya@hotmail.com>" |
| Subject | "New SOA Submission" |
| Attachment | "SLB SOA format.r01" |
| MD5 | 46d25e193b0fa8c66294eae90d6ba0a0 |
| SHA256 | 8211def9e38f6488cc96851d5c572b9607e3dca6e33bd375ca99435f964ef94c |
| Family | Formbook |
(4)

| Field | Value |
|---|---|
| Sender IP | 45.137.22.42 |
| From | "Ar. Dan Paul O. Uch <douchi@megaworld-lifestyle.com>" |
| Subject | "BOQ-DOU-2021-09-02" |
| Attachment | "BOQ-DOU-2021-09-02.bat.gz" |
| MD5 | 4956ceb3fed384172bbffe30997fc515 |
| SHA256 | eca5a099031d8e068b7ca0f30c48ba08f72fb018552e6b647ab67652a325fb9d |
| Family | NanoCore |
(5)

| Field | Value |
|---|---|
| Sender IP | 172.93.189.10 |
| From | "Oficinatrujillo <oficinatrujillo@gebaudesac.com>" |
| Subject | "RE: RE: Returned payment-Shenzhen ISH Logistics usd21,283.26 value 8 AUG 021" |
| Attachment | "Scan copy 02186 pdf.zip" |
| MD5 | 5abc47059f05e8050a119814bf32a869 |
| SHA256 | b11276bad56047581b872ec6d0444a1ca1a6f69d30148388962237dbab0a4ec2 |
| Family | AgentTesla |
(6)

| Field | Value |
|---|---|
| Sender IP | 193.56.29.187 |
| From | "adiv@adiv.cz" |
| Subject | "Request For Quotation RFQ-2201847" |
| Attachment | "RFQ-2201847.xlsx" |
| MD5 | e0862470e5965e76ab37702c30096853 |
| SHA256 | 7808a0341cfc13c07706366afcda3f3433d068ff1e8a9971a57a4700c691ac95 |
| Family | AgentTesla |
If you want to know how to analyse AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(7)

| Field | Value |
|---|---|
| Sender IP | 185.222.57.90 |
| From | "sabari <admin2005@smcinfraoman.com>" |
| Subject | "RE: Enquiry OF Flange(0998 R1) ST PO:1805140" |
| Attachment | "(0998 R1) ST PO1805140.lzh" |
| MD5 | cd614ee86b5661f86d0a7f2f089f3e8f |
| SHA256 | b41d1ffbb8d7c2a870f77e24ae83e6b0b06eb01e0f93f30341d1731d052add08 |
| Family | Formbook |
(8)

| Field | Value |
|---|---|
| Sender IP | 41.76.171.77 |
| From | "Mr Yan <lmwangi@uwezo.go.ke>" |
| Subject | "RE : STATEMENT OF ACCOUNT" |
| Attachment | "Pending SOA.r00" |
| MD5 | 13cf23e91100291ebc26b409500ebd63 |
| SHA256 | c6448bb51093538570c2b7aac0eff02b4c0227991ed554b7db66256c2f151438 |
| Family | Loki |
(9)

| Field | Value |
|---|---|
| Sender IP | 185.222.58.146 |
| From | "June.Wang(Ms. June Wang) <hkwxy@hmm21.com>" |
| Subject | "=?UTF-8?B?5a+56LSm5Y2VLeS8l+a6kC0=?=" (decodes to 对账单-众源-) |
| Attachment | "ZYJY-2021010005.RXHT0021 秘鲁箱单.lzh" |
| MD5 | 08521f25f60c84cf0a69ee633b84ae52 |
| SHA256 | 5a1642e79f3f7bf0d687a25b53588048a9ebaed6a7237a6f7dce35947e3063e0 |
| Family | Formbook |
(10)

| Field | Value |
|---|---|
| Sender IP | 185.222.58.146 |
| From | "June.Wang(Ms. June Wang) <hkwxy@hmm21.com>" |
| Subject | "=?UTF-8?B?5a+56LSm5Y2VLeS8l+a6kC0=?=" (decodes to 对账单-众源-) |
| Attachment | "ZYJY-2021010007.DBLF0445+446+441 美阳+纳翔辉+众源 2柜.lzh" |
| MD5 | 3a151754c2dabd64d43dadec97a51dc1 |
| SHA256 | bca3eddcd3c7c1f1354298508dc3643b4cb2f62e8bcdbb6cf87b6814c5db7e98 |
| Family | SnakeKeylogger |
(11)

| Field | Value |
|---|---|
| Sender IP | 209.85.216.48 |
| From | "FCB UK. <barclaycustomercare644@gmail.com>" |
| Subject | "Payment From First Commercial Bank London." |
| Attachment | "Authorization Letter..doc" |
| MD5 | e5a0a215ecfa2adce667dc6460829581 |
| SHA256 | 40741d22b740ce06d607e5ee8e8ae8f55bef454bafb32cb51de5f13c47bb2846 |
| Family | Unknown |
(12)

| Field | Value |
|---|---|
| Sender IP | 23.237.123.66 |
| From | "Helen He <mikeli@kingsunmachinery.com>" |
| Subject | "Quote needed asap" |
| Attachment | "LIST.KRT.zip" |
| MD5 | b1bdc26944639f40a50b61a173b5fad1 |
| SHA256 | 4406e3dc44f1ad394f993770c0307ee3cb97718ba09790643f6d0878ca931001 |
| Family | Formbook |
(13)

| Field | Value |
|---|---|
| Sender IP | 185.222.58.113 |
| From | "Financial Manager <Financial@lgepartner.com>" |
| Subject | "Fwd: WG: Payment issue" |
| Attachment | "invoice.pdf.z" |
| MD5 | 29a8f786bc0ecf80d7bafa4217e1a224 |
| SHA256 | 5410997bdd858dbc071239783ae1dbe6966fcde498dbdfaccd08999637d5ed6c |
| Family | AgentTesla |
(14)

| Field | Value |
|---|---|
| Sender IP | 185.222.57.85 |
| From | "sales1 <sales1@profdraft.com>" |
| Subject | "New Inquiry Urgent Order_01792PDF Line#17 DT.06.08.2021" |
| Attachment | "Order_01792PDF.7z" |
| MD5 | cb12df7df3a989ec20e09dac707514aa |
| SHA256 | 373a53b647ab5622a66a237038ee06ed43018b970458c0af3589a7c0ce7e8247 |
| Family | AgentTesla |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish analyses of malware samples and some methods for analysing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel