Phishing Attacks 25_10_2021
If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
| Field | Value |
|---|---|
| Sender IP | 45.137.22.147 (Received: from rgp.com.pk (unknown [45.137.22.147])) |
| From | har@rgp.com.pk |
| Subject | "RE: REVISED Purchase Order LA 6111 from MDY Group LA" |
| Attachment | "purchase order.img" |
| MD5 | 1b751916daf8d7106f232d42ecdf92d2 |
| SHA256 | 8e8bbf29ccb70e39319a93d1c699ffce7415603b51154a6397edeab80835bb25 |
| Family | Unknown |
(2)
| Field | Value |
|---|---|
| Sender IP | 40.92.255.84 |
| From | "Lea Kuhn" <PreviqlvVtkvrjis@outlook.com> |
| Subject | "Lea Kuhn" |
| Attachment | "Lea.docx" |
| MD5 | 849986e811351c37e97bf7bc619e77a2 |
| SHA256 | 7d32fa88818aa0d5ec2549edf2d0d7dc3d2c097e64137c87b62a04add0cc4d96 |
| Family | Unknown |
(3)
| Field | Value |
|---|---|
| Sender IP | 77.247.110.105 |
| From | "Roy Zheng" <zheng@dago.com> |
| Subject | "Fw: 4th Hire Payment" |
| Attachment | "Payment Advice_pdf.rar" |
| MD5 | 00b706a056ff25714072cf8abe5533d2 |
| SHA256 | 571aaa7ffdcf74dffbcb895f2bbafbe14c69950dc8da12be2de951606301d09b |
| Family | SnakeKeylogger |
(4)
| Field | Value |
|---|---|
| Sender IP | 162.248.54.230 |
| From | "Louis Dreyfus Commodities Suisse S.A." <soporte@servilad.com> |
| Subject | "FW: NEW ORDER 00041221" |
| Attachment | "new order 00041221.rar" |
| MD5 | 9ab19329038ee26756033a78adc476ae |
| SHA256 | 0ab310f143011b37d3bf5c57a86784542ee9e153e4fbfb259d7f038a2436a505 |
| Family | AgentTesla |
(5)
| Field | Value |
|---|---|
| Sender IP | 159.89.102.156 |
| From | charles@addression.ml |
| Subject | "Hallo" |
| Attachment | "HALLO.rtf" |
| MD5 | 9406ea7b53a639636db7e2cde793f46a |
| SHA256 | e914ebf360ebae6931ee86861ed37436cf85342e357498fbc4e63ae9403ba12b |
| Family | Unknown |
(6)
| Field | Value |
|---|---|
| Sender IP | 185.222.58.155 |
| From | "Lazada Vietnam PSC" <noreplypscvn@care.lazada.com> |
| Subject | "Re: Signed proforma" |
| Attachment | "SIGN AND STAMP PROFORMA INVOICE.IMG" |
| MD5 | 952912294567e68ed4afa1ee6f2817e0 |
| SHA256 | f9b023ddf7da6f9736281946b01fb941764afb3383e9e61b91ca9d60f1be7bff |
| Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(7)
| Field | Value |
|---|---|
| Sender IP | 45.137.22.114 |
| From | "Ronak Sheth" <logistics.oilseed@praramb.com> |
| Subject | "ORIGINAL SCAN DOX - SC 210119 RAJAT 3FCL SOYA MAL.................Sales Contract" |
| Attachment | "ORIGINAL SCAN DOX.UUE" |
| MD5 | 92aa56f3074968f3ee40fdc13063c7ee |
| SHA256 | 548bb989f95ac42542df01d40248cb33f94b1184bd9be46a398c0167e66d53d1 |
| Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(8)
| Field | Value |
|---|---|
| Sender IP | 202.55.133.149 |
| From | michelle.mak@fleischhacker.biz |
| Subject | "Re: Request for quotation - Ref Med 05 Yemen" |
| Attachment | "RFQ-WO10 #384573-pdf.gz" |
| MD5 | ff71132b5fee1a13f23f2f34f8f7472d |
| SHA256 | 33890c0f3448f0e2adcf1a43cd023298b05e53b944699de720ec18f9ebab3357 |
| Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(9)
| Field | Value |
|---|---|
| Sender IP | 202.55.133.149 |
| From | sales.div1@onetop.ph |
| Subject | "RFQ-RO10 CDO Nov 20" |
| Attachment | "RO10 CDO#384573-pdf.gz" |
| MD5 | c23d06e5fb1ea39cdb5cc1f618779565 |
| SHA256 | 36c27972ece83744057ddd0ae2a7683506689cbdd1e5c4c02fd8b84eabe0be12 |
| Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(10)
| Field | Value |
|---|---|
| Sender IP | 45.137.22.61 |
| From | mlogiudice@tripadvisor.com |
| Subject | "RE: WRONG IBAN/PAYMENT RETURNED" |
| Attachment | "BANK INFORMATION.r15" |
| MD5 | 33b66b01acac33dd3d039b8542c5992e |
| SHA256 | 6ce37d6a21a15296ed2428b7799c82ab487b07be1e9e89d1c278ee7708f58a8f |
| Family | Unknown |
(11)
| Field | Value |
|---|---|
| Sender IP | 103.28.70.165 |
| From | "Sushmitha Nainar" <ae.ofs.si@one-line.com> |
| Subject | "Draft B/L(s) (T/VVD : HYUNDAI FAITH 0096W / B/L No : ONEYDXBB14291300)" |
| Attachment | "ONEYDXBB14291300_draft_20211018165115.zip" |
| MD5 | 686e348e27d662e0a367a654e72c81b9 |
| SHA256 | 7a80ffd0286309b2e66df50b07e887e1d9d9c4084099d602cb81307f3296a3d1 |
| Family | AgentTesla |
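As an added example (this is not the post author's code), the tables above can be turned directly into detection logic. The script below embeds a subset of the IOC rows from this page, parses a raw e-mail, pulls the connecting IP from the topmost Received header, hashes every attachment, and reports matches on sender IP, attachment name and SHA256, plus two heuristics the attachment names on this page suggest: archive or disk-image containers (.img, .rar, .rNN split volumes, .uue, .gz, .zip) and a fake document suffix glued to an archive ("Payment Advice_pdf.rar", "...-pdf.gz"). It also groups IOC sender IPs by /24, which shows 45.137.22.x appearing in three entries and 202.55.133.149 in two. The sample e-mail, the host mx.example.test and the attachment bytes are constructed for the demo, and the code assumes the topmost Received header was written by our own mail server.

```python
"""Match an inbound e-mail against the phishing IOCs tabulated above.

Added example (not the post author's code). IOC rows are copied from the
tables on this page; the sample e-mail and attachment bytes are constructed.
"""
import hashlib
import ipaddress
import re
from collections import Counter
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Subset of the rows above: entry number, sender IP, attachment name, SHA256, family.
IOCS = [
    {"entry": 1, "ip": "45.137.22.147", "attachment": "purchase order.img",
     "sha256": "8e8bbf29ccb70e39319a93d1c699ffce7415603b51154a6397edeab80835bb25", "family": "Unknown"},
    {"entry": 3, "ip": "77.247.110.105", "attachment": "Payment Advice_pdf.rar",
     "sha256": "571aaa7ffdcf74dffbcb895f2bbafbe14c69950dc8da12be2de951606301d09b", "family": "SnakeKeylogger"},
    {"entry": 7, "ip": "45.137.22.114", "attachment": "ORIGINAL SCAN DOX.UUE",
     "sha256": "548bb989f95ac42542df01d40248cb33f94b1184bd9be46a398c0167e66d53d1", "family": "AgentTesla"},
    {"entry": 8, "ip": "202.55.133.149", "attachment": "RFQ-WO10 #384573-pdf.gz",
     "sha256": "33890c0f3448f0e2adcf1a43cd023298b05e53b944699de720ec18f9ebab3357", "family": "AgentTesla"},
    {"entry": 9, "ip": "202.55.133.149", "attachment": "RO10 CDO#384573-pdf.gz",
     "sha256": "36c27972ece83744057ddd0ae2a7683506689cbdd1e5c4c02fd8b84eabe0be12", "family": "AgentTesla"},
    {"entry": 10, "ip": "45.137.22.61", "attachment": "BANK INFORMATION.r15",
     "sha256": "6ce37d6a21a15296ed2428b7799c82ab487b07be1e9e89d1c278ee7708f58a8f", "family": "Unknown"},
]

# Container extensions seen in the tables: .img disk images mount natively on
# Windows, .rNN are RAR split volumes, .uue is uuencoded text; a gateway that
# only unpacks .zip never sees the executable inside.
CONTAINER_EXT = re.compile(r"\.(img|iso|rar|r\d\d|uue|gz|zip|7z)$", re.IGNORECASE)
# "Payment Advice_pdf.rar", "...-pdf.gz": a fake document suffix glued to an archive.
FAKE_DOC_EXT = re.compile(r"[-_.](pdf|doc|docx|xls|xlsx)\.[a-z0-9]+$", re.IGNORECASE)


def sender_ip(msg):
    """Connecting client IP from the topmost Received header.

    Assumption: the topmost Received header was written by our own MX, so the
    bracketed address is the external peer; lower hops can be forged freely.
    """
    received = msg.get_all("Received") or []
    if not received:
        return None
    m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(received[0]))
    return m.group(1) if m else None


def check_message(raw):
    """Return a list of human-readable findings for one raw RFC 5322 message."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []
    ip = sender_ip(msg)
    for ioc in IOCS:
        if ip == ioc["ip"]:
            findings.append(f"sender IP {ip} matches entry ({ioc['entry']}) [{ioc['family']}]")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        sha = hashlib.sha256(part.get_payload(decode=True) or b"").hexdigest()
        for ioc in IOCS:
            if sha == ioc["sha256"]:
                findings.append(f"attachment hash matches entry ({ioc['entry']}) [{ioc['family']}]")
            elif name.lower() == ioc["attachment"].lower():
                findings.append(f"attachment name '{name}' matches entry ({ioc['entry']})")
        if FAKE_DOC_EXT.search(name):
            findings.append(f"attachment '{name}' fakes a document extension inside a container")
        elif CONTAINER_EXT.search(name):
            findings.append(f"attachment '{name}' is an archive/disk-image container")
    return findings


def sender_subnets(iocs=IOCS, prefix=24):
    """Count IOC sender IPs per /prefix; 45.137.22.0/24 covers three entries on this page."""
    return Counter(str(ipaddress.ip_network(f"{i['ip']}/{prefix}", strict=False)) for i in iocs)


def build_sample():
    """Constructed e-mail modelled on entry (1); mx.example.test and the payload bytes are made up."""
    msg = EmailMessage()
    msg["Received"] = ("from rgp.com.pk (unknown [45.137.22.147]) by mx.example.test "
                       "with ESMTP; Mon, 25 Oct 2021 09:00:00 +0000")
    msg["From"] = "har@rgp.com.pk"
    msg["To"] = "victim@example.test"
    msg["Subject"] = "RE: REVISED Purchase Order LA 6111 from MDY Group LA"
    msg.set_content("Please find the revised PO attached.")
    msg.add_attachment(b"CONSTRUCTED-NOT-A-REAL-PAYLOAD", maintype="application",
                       subtype="octet-stream", filename="purchase order.img")
    return msg.as_bytes()


if __name__ == "__main__":
    for line in check_message(build_sample()):
        print(line)
    print(dict(sender_subnets()))
```

A hash match is the only strong signal here; an attachment-name or sender-IP match on its own is a lead to triage, since shared hosting and reused lure names produce collisions, and the From header (entry 10 claims a tripadvisor.com address from the same 45.137.22.x range as entries 1 and 7) is freely spoofable. The container and fake-extension heuristics are what catch the next sample from the same sender before its hash is known.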
If you want to learn malware analysis, you can check my YouTube channel; I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
 