Phishing Attacks 24_3_2022



If you wanna learn how to detect phishing emails by eye alone, you can check my Udemy course here 👇.


(1)

Sender ip

185.222.58.240

From

"flocon acc" <accounts@flocon-industries.com>"

Subject

"Re: RE: RE: RE: RE: RE: RE: RE: Re: RE: RE: Purchase of Wire Cutting, Stripping and Twisting Machine"

Attachment

"Sales Contract Copy.TAR"

MD5

40e05d66fa334f0e1595c1a6417fecab

SHA256

c57086d514c801eaded5f2b6e02b21784c8154f1423693bc9c40454c6bb79d85

Family

Formbook

 

(2)

Sender ip

107.173.104.75

From

"Yergazy Nurbekuly<info@highomeleds.com>"

Subject

"=?UTF-8?B?UmU6IFJFOiBBV1M6IG5ldyBvcmRlciAvUHJvZm9ybWEtSW52b2ljZSAvIE0vNDU2IOKAkyBNaWQgTWFyY2g=?="

Attachment

"INV NO. NATEX-126-2021 MARK.xlsx"

MD5

3f00b0dfc553c54f5f15db87eefac53c

SHA256

77cbd962724314ba756bf64eb7f5f0bdd6f52eaa68ea83e3d6911902690d6cc9

Family

AgentTesla

If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(3)

 

Sender ip

149.72.28.69

From

"ben.webb@reed.com"

Subject

"Are you looking for an experienced Receptionist/Administrator with over 25 years experience?"

Attachment

"Experienced Receptionist CV.docx"

MD5

0091610dd9467fa19e71f4f9d6fa8622

SHA256

8423da01d26e738b299b8427e582abb17b037091660101009a256d8c2eea746f

Family

unknown

 

 

(4)

 

Sender ip

62.197.136.162

From

"Mustafa Asaad <mubbasher.ansari@viega.ae>"

Subject

"RE : Order Specifications"

Attachment

"Order Specifications_.xlsx"

MD5

6e80d37d14fbf49bb7d5f34656c62c60

SHA256

fbf53ebacdc9ef0bf5833a25b50b3f4769e8f6ae7f565ce4520888747df8b729

Family

NanoCore

 

(5)

Sender ip

180.214.238.36

From

"Verna S. Garcia"<verna_garcia@dluxe.com.ph"

Subject

"RE: Re: Remittance Advice"

Attachment

"bank details.rar"

MD5

10e8c1702c57486e79dbf02338290bfc

SHA256

41b0b95391050c9ab35a14c1fb1b242885684eec9cdb661ea48e6d39a15e92c6

Family

Formbook

 

 (6)

Sender ip

69.55.235.152

From

"George Irving <statement@fmg.co.nz>"

Subject

"Re: Confirm Remittance of payment"

Attachment

"wire swift copy.zip"

MD5

7910c610f01178980eb3b77f43a146cc

SHA256

91ced8ae239b6f99a6b15217769d96e5ebf2b2575dd9b9a3e1abd4269133a7cb

Family

Formbook

 

(7)

Sender ip

31.210.20.91

From

"Kenji Okamoto(Mr.) <okamoto@shigematsu.co.jp>"

Subject

"PO-New Inquiry (581762)"

Attachment

"PONew Inquiry 581762 drawings specifications.tar.gz"

MD5

85942de4db48640a3ddf2c0a980f8531

SHA256

33c2c0cda92fa7cabd3d18af080d60d3142ed8ae505a876cccf4f5dbe1925865

Family

AveMariaRAT

 

(8)

Sender ip

45.58.41.24

From

"MR. Eson Yuan <admin@2080technologiesllc.partners>"

Subject

"Re: Amended contract and Invoice commercial"

Attachment

"amended contract and invoice commercial (2).xlsx"

MD5

4dd25dd92b5ec56a5ecc0614eb6bafba

SHA256

c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b

Family

Formbook

 

(9)

Sender ip

45.58.41.24

From

"MR. Eson Yuan <admin@2080technologiesllc.partners>"

Subject

"Re: Amended contract and Invoice commercial"

Attachment

"amended contract and invoice commercial (2).xlsx"

MD5

4dd25dd92b5ec56a5ecc0614eb6bafba

SHA256

c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b

Family

Formbook

 

(10)

Sender ip

185.222.58.50

From

"info@ebr.directory.com"

Subject

"EU Business Register 2022/2023"

Attachment

"Business Register.rar"

MD5

73599dbbdb8ee001000a682c82c459f3

SHA256

d7c7e4c48bd5425fa67897d421ea6e38ba006d6fb59df2084cc7f11f5fddf052

Family

AgentTesla


(11)

Sender ip

45.137.22.55

From

"Caoxi " <caoxi@rzmejia.com>"

Subject

"20% PRE PAYMENT FOR MACKEREL ORDER"

Attachment

"PAYMENT COPY.zip"

MD5

21c7b212883138f7291099f9557b9cef

SHA256

288c00340ac753fccd80d05ab872ec8ad62a664cede9f59fe30b7a5512a52351

Family

AgentTesla


 (12)

Sender ip

209.85.221.193

From

"ATM MAIN DELIVERY UPDATE <castronellyjose@gmail.com>"

Subject

"FELICIDADES AFORTUNADO GANADOR"

Attachment

"BUENAS NOTICIAS FELIZ GANADOR FELICITACIONES.docx"

MD5

d23c579b03677ac8c2b06479ed9bf49f

SHA256

ba509bbf64be2ba170e79207b9ca11a9c94516dcef9663252ecdd6a6ef1d5300

Family

Unknown

 

(13)

Sender ip

45.137.22.55

From

"Sharon Jiang " <logistics@tapengineering.com>"

Subject

"RE: PARKING LIST FOR MARCH SHIPMENT"

Attachment

"PARKING LIST, BL AND TELEX.zip"

MD5

9ad08f8c339220ca3fe419bfaf3a35f3

SHA256

644ad6ff06f0f8b21ccf1479734184eddd8a899daeed1195afaf3ea05cb1cab0

Family

Formbook

 

(14)

Sender ip

45.137.22.55

From

"jessie.jiao@cn.yusen-logistics.com <jessie.jiao@cn.yusen-logistics.com>"

Subject

"(JHI-22097(KA21-31F Frozen Edamame) Packing List Invoice)"

Attachment

"KA21-31F packing list invoice.zip"

MD5

08f5bda54aad3d28c558f2e5b801d18d

SHA256

e59f889f2edac6c515cdbd10aaf61ce52a2100fec785bc5681ab49da7bf3ccf9

Family

AgentTesla


(15)

Sender ip

45.137.22.156

From

"mahindranorthcoast@telkomsa.net"

Subject

"RE: Revised BL"

Attachment

"documents.zip"

MD5

10e431e28830ff84593cc804783cdcad

SHA256

c4cff9284965ae37e1555ce9a63369b14073fae347f357544872105e6f2add19

Family

AgentTesla


If you wanna learn malware analysis, you can check my YouTube channel, where I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel: https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
