Phishing Attacks 10_11_2021
If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
| Sender IP | 174.136.57.143 |
| From | "Purchase manager <info@evercare-industries.com>" |
| Subject | "New Order Picture Dawing " |
| Attachment | "PICTURE DEAWING DESIGN.zip" |
| MD5 | d9f2ecffe72fc450d4286ba7d78a56cb | 
| SHA256 | 580fbb995ccbdb6810dbbc1ccd811b8865cd56a2c5ba77be3381834b17557c1d | 
| Family | Formbook | 
(2)
| Sender IP | 31.214.2.12 |
| From | "=?UTF-8?B?V2VybmVyIEfDtnR6?= <p@diamondinter.com>" |
| Subject | "Fw: Re: New Order No. BCM190282" |
| Attachment | "NEW ORDER.GZ" |
| MD5 | 987105f7184d924abbe38eeceecf56d7 | 
| SHA256 | 6920a20b8f4efe8dea10ea3496e329fcdb06d6ff36189e4f16f0fcb864de9af5 | 
| Family | Unknown | 
 
(3)
 
| Sender IP | 45.137.22.158 |
| From | "Pham Dung <canez@tradinterbolivia.com>" |
| Subject | "=?UTF-8?B?UkU6IOioguWWrlQyMTcxNjAwOA==?=" | 
| Attachment | "訂單T21716008.zip" | 
| MD5 | 4630ce9bd1fee20516bf62cea575a2fd | 
| SHA256 | 696af21363abdc6892fa25b8959f0ae718fb236e7efbd838a9a0931b04534e30 | 
| Family | Unknown | 
 
(4)
 
| Sender IP | 45.137.22.61 |
| From | "arun.nuon@expeditors.com" |
| Subject | "RE: Confirmation Of Bank Details.." |
| Attachment | "details of payment.zip" |
| MD5 | 1dc43f5bb93b01962c4cc8da446daba0 | 
| SHA256 | 1724f70b37f3d2d32eba0554b3edb0657c3d0048a6b4ec5985b4bde47bc7ba69 | 
| Family | AgentTesla | 
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(5)
| Sender IP | 185.222.57.242 |
| From | "thinhnguyen27392@hotmail.com" |
| Subject | "Order# 1006847-Attached invoice" |
| Attachment | "INV9854784321.Scan.pdf....iso" | 
| MD5 | 6a71eab9d6772283fbab5642d90680e7 | 
| SHA256 | 86c623c75ae308fab4ec3ca485a838f5e5819f8dacfd0d8dfe0a6789f08ce50c | 
| Family | Unknown | 
(6)
| Sender IP | 45.137.22.61 |
| From | "ktm@murarkagroup.com" |
| Subject | "RE: PRODUCT ENQUIRY" |
| Attachment | "Purchase order.zip" |
| MD5 | de8ba3669bfb241195cde17a23478df9 | 
| SHA256 | 8903d2eab032609849c63b469d3ee7af4769ca84b1fd5c5b08a4946aee47b012 | 
| Family | AgentTesla | 
(7)
| Sender IP | 185.222.57.150 |
| From | "cnsale03@gmvalves.com" |
| Subject | "purchase order" |
| Attachment | "uCkIzRN4ZzUIzCY.rar" | 
| MD5 | 143a404280f2e9c41a04cbb27d9246c5 | 
| SHA256 | f94380f600899a30f325f87a138ed39739a748366afd27cf46f10756ab88c5ed | 
| Family | Unknown | 
(8)
| Sender IP | 212.192.241.172 |
| From | "Ahamed Pramod" <alonsso@gle.com.es>" |
| Subject | "Product Inquiries" |
| Attachment | "items.doc" | 
| MD5 | 43def8eefaaf8cdf55225bffdda8ec38 | 
| SHA256 | 16fd16f1795de27c016a22b16c4db01bf7f2197a91dfc98dc8f7ab9c4e85c464 | 
| Family | Unknown |
(9)
| Sender IP | 104.168.176.25 |
| From | "Andrey Smirnov" <andrey.smirnov@gum-nak.com>" |
| Subject | "new flexible project" |
| Attachment | "swicthable project blue prints smrtdoc09001 WOB 08112021,NEW.rar" |
| MD5 | b791b848daa612ca56e42c616ffceacd | 
| SHA256 | 41ea161038efe62415e2476d68288ade993533746800d24becaffa97099f5961 | 
| Family | AgentTesla | 
(10)
| Sender IP | 45.9.168.101 |
| From | "Induvac Textiles & Leather B.V <info1@induvac.com>" |
| Subject | "December PO 20210034" |
| Attachment | "December_PO_20210034_from_Induvac Textiles_&Leather.ace" |
| MD5 | ac11b54c53cbbfab6a0f839bcbc51a1e | 
| SHA256 | 3206d4a7ee1ff19c900cd1956cacb379a2970cbce2ab476b401a95c92da6bc44 | 
| Family | Formbook | 
(11)
| Sender IP | 45.12.213.162 |
| From | "sales@ezehighway.space" |
| Subject | "RE: Payment swift copy" |
| Attachment | "PAYMENT SLIP.zip" |
| MD5 | b1343d0ca05adf9d609cb2bfbcd79b44 | 
| SHA256 | a23407d6057e0203bcc4e1b0a77ad8eba2edfc035e5962697c354a8bf362f30e | 
| Family | Unknown | 
(12)
| Sender IP | 103.171.1.178 |
| From | "David Dai"<david.dai@dwa.de-well.com" |
| Subject | "Payment reminder" |
| Attachment | "SOA.rar" | 
| MD5 | 975b42b49f7e3a1cbc1575bcfa12dd8e | 
| SHA256 | 2eb02744feb7539fd5c9fe39ba39f9be1b9ceb347da963e75a493b8bb674201f | 
| Family | AgentTesla | 
(13)
| Sender IP | 174.138.56.139 |
| From | "DHL <updates24@lastsaturdayng.com>" |
| Subject | "my subject" |
| Attachment | "AWB 2101.ARJ" |
| MD5 | 3b66a2095a59fc06f8e22eb18ce7624e | 
| SHA256 | f0afe792177b3dddaf461a670525f1aa03f1c18d1ec466dcdf3a13b4c2f7b3d9 | 
| Family | Unknown | 
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish analyses of malware and some methods for analyzing it.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
 