Phishing Attacks 1_11_2021
If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
| Sender ip | 103.167.84.87 |
| From | "BungaRaya <bungaraya@bungarayapanel.com>" |
| Subject | "Re: Re: Pittsburgh Forest Products RFQ 36615 and 35565" |
| Attachment | "Q.2021.03.17 PFP...zip" |
| MD5 | b2ee85b622175bb0833c118c9cc075f1 |
| SHA256 | 98f79da1064628267c785c8e3c53ae6de02d38594e30f9565637dee7220f1db2 |
| Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(2)
| Sender ip | 103.167.84.87 |
| From | "Sha Oceanmasters <sharani@oceanmasters.co>" |
| Subject | "Re: Re: Invoice 16-36-55" |
| Attachment | "2108-WFF SOA AUG21 revised2.xlsx.zip" |
| MD5 | 955bfe62cb23624b7d7c4943566e6bd7 |
| SHA256 | 498cdc5d302f14d27fc7286e7ccf572a678cd831958e0148b9286754e8519b2d |
| Family | AgentTesla |
(3)
 
| Sender ip | 185.222.57.150 |
| From | "sales@onetouch.com.tw" |
| Subject | "PAYMENT COPY" |
| Attachment | "1zqVsr2TzG7M6EA.rar" |
| MD5 | 4505c09bb3c82e2f09741d99cdef8c43 |
| SHA256 | 0356ec61b2a270db0367af190de7b9b8af9d78b58949bd2fdaa5c5eeae65cbaa |
| Family | AgentTesla |
(4)
| Sender ip | 180.214.237.130 |
| From | "LAANAYA Zaineb"< z.laanaya@dynamicconsultinglogistics.ma" |
| Subject | "DHL Overdue Invoice Notice - 117704" |
| Attachment | "Invoice Notice - 117704.rar" |
| MD5 | e589011ae76f8b63225bf41169ef874a |
| SHA256 | 2709e76592bed4759800500bd3ae1c803532e93a40a0e882ef5730489b39d364 |
| Family | AgentTesla |
(5)
| Sender ip | 45.137.22.156 |
| From | "MAERSK SHIPPING<marietherese.diouf@msc.com>" |
| Subject | "Re: Shipping Advice - ETD 21OCT. 2021" |
| Attachment | "SHIPPING DOCUMENTS.zip" |
| MD5 | 51bba64dd658978857dd7c09d7826180 |
| SHA256 | 60c26cd0aa41687b0540da14eca58a567ef7aac49de89397b8d6129e1ac04e6f |
| Family | AgentTesla |
(6)
| Sender ip | 45.137.22.156 |
| From | "Valcris Group<ahasanain@ali-alghanim.net>" |
| Subject | "Re: QUOTATION" |
| Attachment | "Attached-Payment Done Today" |
| MD5 | 877f62f12baf6b2fdbdae563b2bba113 |
| SHA256 | 01692f885523ea188bbf0ba8e5fb8bd80e8e210e92a2f356684e53dda4fde3c1 |
| Family | AgentTesla |
(7)
| Sender ip | 185.222.57.209 |
| From | "Return-Path: <paul.yip@speedmark.com.hk>" |
| Subject | "RE: Statement of Account as at 30th OCT 2021" |
| Attachment | "S O A -4395494934HJ.zip" |
| MD5 | 498465d5ab6dba5dc0744f8f8a024799 |
| SHA256 | d48358c28e550a88ea1f24f3f8c92eeb847b18816b6a1523dd2a7ea1c7254786 |
| Family | AgentTesla |
(8)
| Sender ip | 103.232.55.238 |
| From | "Maggie Zeng"<5idhl_noreply@dhl.com>" |
| Subject | "Re: Fw: DHL Overdue Outstanding Payment For Sept,16 / Total Amount is ($15,670.00)" |
| Attachment | "Invoice Overdue_C0809-H03.xls.7z.001" |
| MD5 | 2a99f8dd0632b2200f8ceb2ba7946721 |
| SHA256 | daa162d2daf2d7f364169147f12f8c16e4e3ab9a4ba7a21218f738afa043892a |
| Family | Unknown |
(9)
| Sender ip | 180.214.237.130 |
| From | "sajee.r@th.de-well.com"<sajee.r@th.de-well.com" |
| Subject | "RE:balance 70% payment" |
| Attachment | "SOA.rar" |
| MD5 | c8f4b7f1cb4487c13a38f9dadc699363 |
| SHA256 | e4f77176e69e4b7438c5db79119719188bdf9a9841987965b481c4b1cba6aa14 |
| Family | AgentTesla |
(10)
| Sender ip | 45.137.22.61 |
| From | "info@dijlashipping.com" |
| Subject | "RE: SHIPPING DOCUMENT & PACKING LIST" |
| Attachment | "DOC.zip" |
| MD5 | ee66a1d65e377e4d24918902de1a2e2e |
| SHA256 | 361b6e7d0ed1527f9ffc914c5eec845716d3c717428eced065fd56e49508f4e9 |
| Family | AgentTesla |
(11)
| Sender ip | 103.232.55.238 |
| From | "=?UTF-8?B?IkVlbGVlbiBDaGVuZyAo6ZKf5L6d55CzKSI=?=<echeng@agility.com>" |
| Subject | "Reply: Fw Re: Balance Payment***Urgent!" |
| Attachment | "Balance Payment.wim.001" |
| MD5 | bfcf7c98bbb460dace9d960323dbd19f |
| SHA256 | db7f0b985912048ea8ce34ddb954115f06c8e9a5bfb1f2cab28ddac48db893d6 |
| Family | Unknown |
(12)
| Sender ip | 103.167.84.87 |
| From | "BungaRaya <bungaraya@bungarayapanel.com>" |
| Subject | "Re: Re: Pittsburgh Forest Products RFQ 36615 and 35565" |
| Attachment | "Q.2021.03.17 PFP...zip" |
| MD5 | 00e270a5f033cbcc5176643f39094ec5 |
| SHA256 | ca2528470091c6328ae7e15c2407cfb653028629b3995898606e77d91d7fd9ea |
| Family | AgentTesla |
(13)
| Sender ip | 103.167.84.87 |
| From | "Sha Oceanmasters <sharani@oceanmasters.co>" |
| Subject | "Re: Re: Invoice 16-36-55" |
| Attachment | "2108-WFF SOA AUG21 revised2.xlsx.zip" |
| MD5 | 3d6dcfe52ad3b0635700768a8240cc6f |
| SHA256 | 3c80cad1ba9ebe9f38928b375e05240ce5598d422734b6a38d52a2be43baab21 |
| Family | Unknown |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
 