Phishing Attacks 24_3_2022
If you wanna learn how to detect phishing emails only by your eye , you can check my udemy course here 
.
(1)
|
Sender
ip |
185.222.58.240 |
|
From |
"flocon
acc" <accounts@flocon-industries.com>" |
|
Subject |
"Re:
RE: RE: RE: RE: RE: RE: RE: Re: RE: RE: Purchase of Wire Cutting, Stripping
and Twisting Machine" |
|
Attachment |
"Sales
Contract Copy.TAR" |
|
MD5 |
40e05d66fa334f0e1595c1a6417fecab |
|
SHA256 |
c57086d514c801eaded5f2b6e02b21784c8154f1423693bc9c40454c6bb79d85 |
|
Family |
Formbook |
(2)
|
Sender
ip |
107.173.104.75 |
|
From |
"Yergazy
Nurbekuly<info@highomeleds.com>" |
|
Subject |
"=?UTF-8?B?UmU6IFJFOiBBV1M6IG5ldyBvcmRlciAvUHJvZm9ybWEtSW52b2ljZSAvIE0vNDU2IOKAkyBNaWQgTWFyY2g=?=" |
|
Attachment |
"INV
NO. NATEX-126-2021 MARK.xlsx" |
|
MD5 |
3f00b0dfc553c54f5f15db87eefac53c |
|
SHA256 |
77cbd962724314ba756bf64eb7f5f0bdd6f52eaa68ea83e3d6911902690d6cc9 |
|
Family |
AgentTesla |
(3)
|
Sender
ip |
149.72.28.69 |
|
From |
"ben.webb@reed.com" |
|
Subject |
"Are
you looking for an experienced Receptionist/Administrator with over
25 years experience?" |
|
Attachment |
"Experienced
Receptionist CV.docx" |
|
MD5 |
0091610dd9467fa19e71f4f9d6fa8622 |
|
SHA256 |
8423da01d26e738b299b8427e582abb17b037091660101009a256d8c2eea746f |
|
Family |
unknown |
(4)
|
Sender
ip |
62.197.136.162 |
|
From |
"Mustafa
Asaad <mubbasher.ansari@viega.ae>" |
|
Subject |
"RE
: Order Specifications" |
|
Attachment |
"Order
Specifications_.xlsx" |
|
MD5 |
6e80d37d14fbf49bb7d5f34656c62c60 |
|
SHA256 |
fbf53ebacdc9ef0bf5833a25b50b3f4769e8f6ae7f565ce4520888747df8b729 |
|
Family |
NanoCore |
(5)
|
Sender
ip |
180.214.238.36 |
|
From |
"Verna
S. Garcia"<verna_garcia@dluxe.com.ph" |
|
Subject |
"RE:
Re: Remittance Advice" |
|
Attachment |
"bank
details.rar" |
|
MD5 |
10e8c1702c57486e79dbf02338290bfc |
|
SHA256 |
41b0b95391050c9ab35a14c1fb1b242885684eec9cdb661ea48e6d39a15e92c6 |
|
Family |
Formbook |
(6)
|
Sender
ip |
69.55.235.152 |
|
From |
"George
Irving <statement@fmg.co.nz>" |
|
Subject |
"Re:
Confirm Remittance of payment" |
|
Attachment |
"wire
swift copy.zip" |
|
MD5 |
7910c610f01178980eb3b77f43a146cc |
|
SHA256 |
91ced8ae239b6f99a6b15217769d96e5ebf2b2575dd9b9a3e1abd4269133a7cb |
|
Family |
Formbook |
(7)
|
Sender
ip |
31.210.20.91 |
|
From |
"Kenji
Okamoto(Mr.) <okamoto@shigematsu.co.jp>" |
|
Subject |
"PO-New
Inquiry (581762)" |
|
Attachment |
"PONew
Inquiry 581762 drawings specifications.tar.gz" |
|
MD5 |
85942de4db48640a3ddf2c0a980f8531 |
|
SHA256 |
33c2c0cda92fa7cabd3d18af080d60d3142ed8ae505a876cccf4f5dbe1925865 |
|
Family |
AveMariaRAT |
(8)
|
Sender
ip |
45.58.41.24 |
|
From |
"MR.
Eson Yuan <admin@2080technologiesllc.partners>" |
|
Subject |
"Re:
Amended contract and Invoice commercial" |
|
Attachment |
"amended
contract and invoice commercial (2).xlsx" |
|
MD5 |
4dd25dd92b5ec56a5ecc0614eb6bafba |
|
SHA256 |
c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b |
|
Family |
Formbook |
(9)
|
Sender
ip |
45.58.41.24 |
|
From |
"MR.
Eson Yuan <admin@2080technologiesllc.partners>" |
|
Subject |
"Re:
Amended contract and Invoice commercial" |
|
Attachment |
"amended
contract and invoice commercial (2).xlsx" |
|
MD5 |
4dd25dd92b5ec56a5ecc0614eb6bafba |
|
SHA256 |
c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b |
|
Family |
Formbook |
(10)
|
Sender
ip |
185.222.58.50 |
|
From |
"info@ebr.directory.com" |
|
Subject |
"EU
Business Register 2022/2023" |
|
Attachment |
"Business
Register.rar" |
|
MD5 |
73599dbbdb8ee001000a682c82c459f3 |
|
SHA256 |
d7c7e4c48bd5425fa67897d421ea6e38ba006d6fb59df2084cc7f11f5fddf052 |
|
Family |
AgentTesla |
(11)
|
Sender
ip |
45.137.22.55 |
|
From |
"Caoxi
" <caoxi@rzmejia.com>" |
|
Subject |
"20%
PRE PAYMENT FOR MACKEREL ORDER" |
|
Attachment |
"PAYMENT
COPY.zip" |
|
MD5 |
21c7b212883138f7291099f9557b9cef |
|
SHA256 |
288c00340ac753fccd80d05ab872ec8ad62a664cede9f59fe30b7a5512a52351 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(12)
|
Sender
ip |
209.85.221.193 |
|
From |
"ATM
MAIN DELIVERY UPDATE <castronellyjose@gmail.com>" |
|
Subject |
"FELICIDADES
AFORTUNADO GANADOR" |
|
Attachment |
"BUENAS
NOTICIAS FELIZ GANADOR FELICITACIONES.docx" |
|
MD5 |
d23c579b03677ac8c2b06479ed9bf49f |
|
SHA256 |
ba509bbf64be2ba170e79207b9ca11a9c94516dcef9663252ecdd6a6ef1d5300 |
|
Family |
Unknown |
(13)
|
Sender
ip |
45.137.22.55 |
|
From |
"Sharon
Jiang " <logistics@tapengineering.com>" |
|
Subject |
"RE:
PARKING LIST FOR MARCH SHIPMENT" |
|
Attachment |
"PARKING
LIST, BL AND TELEX.zip" |
|
MD5 |
9ad08f8c339220ca3fe419bfaf3a35f3 |
|
SHA256 |
644ad6ff06f0f8b21ccf1479734184eddd8a899daeed1195afaf3ea05cb1cab0 |
|
Family |
Formbook |
(14)
|
Sender
ip |
45.137.22.55 |
|
From |
"jessie.jiao@cn.yusen-logistics.com
<jessie.jiao@cn.yusen-logistics.com>" |
|
Subject |
"(JHI-22097(KA21-31F
Frozen Edamame) Packing List Invoice)" |
|
Attachment |
"KA21-31F
packing list invoice.zip" |
|
MD5 |
08f5bda54aad3d28c558f2e5b801d18d |
|
SHA256 |
e59f889f2edac6c515cdbd10aaf61ce52a2100fec785bc5681ab49da7bf3ccf9 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(15)
|
Sender
ip |
45.137.22.156 |
|
From |
"mahindranorthcoast@telkomsa.net" |
|
Subject |
"RE:
Revised BL" |
|
Attachment |
"documents.zip" |
|
MD5 |
10e431e28830ff84593cc804783cdcad |
|
SHA256 |
c4cff9284965ae37e1555ce9a63369b14073fae347f357544872105e6f2add19 |
|
Family |
AgentTesla |
If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥
YouTube channel
Comments
Post a Comment