Phishing Attacks 3_3_2021
If you wanna learn how to detect phishing emails only by your eye , you can check my udemy course here 
.
(1)
|
Sender ip |
45.137.22.124 |
|
From |
"Cheng
Yong"<rosa@franball.net>" |
|
Subject |
"RV: Shipping advice - 2nd
container under ct.876" |
|
Attachment |
"SHIPPING
ADVICE#202203.zip" |
|
MD5 |
aa2d18552a8d5041e4c757cee09f2c4d |
|
SHA256 |
0628b564bad3c4e59644e91398899f88143aa2eb3473e720270fb1566c628d60 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(2)
|
Sender ip |
2.56.56.35 |
|
From |
"contato@vastoverde.com.br" |
|
Subject |
"fwd :Outstanding Remittance
payment" |
|
Attachment |
"receipt_pdf.z" |
|
MD5 |
32ef047b457f4bb801bc512f3f74627c |
|
SHA256 |
81010dd1b7cf3e595e76e7afdad452029a08b90dd4ccc7ea6acfdbfef907667c |
|
Family |
SnakeKeylogger |
(3)
|
Sender ip |
45.137.22.176 |
|
From |
"mansonfamily1@hotmail.com |
|
Subject |
"Outstanding Remittance
Payment" |
|
Attachment |
"Outstanding Remittance
Payment.zip" |
|
MD5 |
57205b2bb2f9e0ac4e8d780a569ff56a |
|
SHA256 |
8adccc02488bc856c96c1f4491df7ab6f47008672b7ece3fcfb7eb6a8c4c6ec1 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(4)
|
Sender ip |
185.222.57.88 |
|
From |
"SAK <jventas@pucoma.com>" |
|
Subject |
"RE: Payment Copy" |
|
Attachment |
"swift 03120220231.r09" |
|
MD5 |
b6a0af969566b9ba2cd062689d4e88c0 |
|
SHA256 |
2e06981ecb4d5b03e8abafcf4b69799b01605f9644693f514fe91804f7b78e50 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(5)
|
Sender ip |
103.156.93.66 |
|
From |
"Gopika-ASJS
<accounts@asjs.co.in>" |
|
Subject |
"REQUEST FOR STATEMENT OF
ACCOUNT (SOA)" |
|
Attachment |
"SOA.zip" |
|
MD5 |
cb9d5cfebedc5df44071ce248b1a3c39 |
|
SHA256 |
cc1632b3129c671b3365e302e59b3eb0d0c6cea65a8d65b6465af0e3af20301b |
|
Family |
Formbook |
(6)
|
Sender ip |
185.222.57.201 |
|
From |
"Harry Xie
<sales@tongchantools.com>" |
|
Subject |
"=?UTF-8?B?UkZRIE5ldyBPcmRlciAtIDU3bcKzIExQRyBTRU1JIFRSQUlMRVIgNyBOT1Mu?=" |
|
Attachment |
"RFQ New Order - 57m� LPG SEMI TRAILER 7
NOS.pdf.7z" |
|
MD5 |
8f14d0de9367d455cbf894f7aa5acb3a |
|
SHA256 |
0c951dea0fb8fd9afdab7278f24b669ab86b19f386749d150659e38b7f3f2047 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(7)
|
Sender ip |
45.87.62.209 |
|
From |
"Jeddah
<jeddah01@kinlonq.com> |
|
Subject |
"Fwd Re:Re:Re:Re:Re:Re:RE:
Re:RFQ Water Front {Project in hand} URGENT" |
|
Attachment |
"Kin Long Quotation sheet for
Kanaan pdf.zip" |
|
MD5 |
9743e3c67cf98f94761c1a66d2052d71 |
|
SHA256 |
c601e903383bdf6fdab62dee9fb63fa3ed1b446e723f7835e18fa22fb7d1d40f |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(8)
|
Sender ip |
103.156.93.66 |
|
From |
"Mendias, Margarita
<Margarita.Mendias@webasto.com>" |
|
Subject |
"=?UTF-8?B?UE8gIyA0NTAwNTk0MzIwIFdlYmFzdG8gTcOpeGljbw==?=" |
|
Attachment |
"PO#.zip" |
|
MD5 |
81a3b863adacf4c7737d6d6db94d0370 |
|
SHA256 |
7188da0280594e4277cfbdfab4ac468b49122e36d340502c871ad06954cd10df |
|
Family |
Formbook |
(9)
|
Sender ip |
45.137.22.190 |
|
From |
"Gaje-Vels <
gaje@velshippingservices.com >" |
|
Subject |
"NEW QUOTATION" |
|
Attachment |
"NEW QUOTATION.zip" |
|
MD5 |
6d1c2e18ae0cf27d4c5f9dff7e0d3764 |
|
SHA256 |
d953d77efbae7d1acd8905374fb886e504af261f1df4ccb1381392e700ed7418 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(10)
|
Sender ip |
212.192.241.164 |
|
From |
"Bobby Shah
<bobby@highlifepharma.com>" |
|
Subject |
"New Order" |
|
Attachment |
"Order 3.2.22.r11" |
|
MD5 |
ab2e2c1a27eb8ffb2dac4b4afc110aa8 |
|
SHA256 |
7416057c48d431c84dbf120707f6910ac14c4c88cfdba9f7f9f13a988c3b201c |
|
Family |
NanoCore |
(11)
|
Sender ip |
45.137.22.190 |
|
From |
"VALERIE
<sales06@topworld-logistics.com>" |
|
Subject |
"Draft BL and Parking List
for your reference" |
|
Attachment |
"NEW PURCHASE ORDER.zip" |
|
MD5 |
ad5ed615bb3ad475cec3054097065ab9 |
|
SHA256 |
a1763090ed4034304321f196235a3483d894aaf284c795e4841aea19ec7062ae |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(12)
|
Sender ip |
103.89.89.150 |
|
From |
"Dong Sen Xue(EAO CSD)(DHL CN)<dongsen.xue@dhl.com>" |
|
Subject |
"Fwd: REQUEST FOR STATEMENT
OF ACCOUNT (SOA)" |
|
Attachment |
"STATEMENT_OF_ACCOUNT.rar" |
|
MD5 |
41b596d580a2f3df76a06dc57f4d48af |
|
SHA256 |
0b808dda2679314f621047ac17d58914001d8e7f1d1861dcd4a2bce570441e83 |
|
Family |
AgentTesla |
(13)
|
Sender ip |
45.137.22.55 |
|
From |
"chris.lu@jetspeed.com"
<chris.lu@jetspeed.com>" |
|
Subject |
"=?UTF-8?B?UmU6IFMwMDE2NzU5MiDov5vlj6MgKFMwMDE2NzU5MiBJbXBvcnQpIChDdXN0b20gRGVjbGFyYXRpb24p?=" |
|
Attachment |
"SCANNED CUSTOM
DECLRATAION.zip" |
|
MD5 |
016ccd495a1dce58a6a9b8e873c663b2 |
|
SHA256 |
b01748995b1afb8fc1b679ebdac73191d2d4337bcee13fd552cdc1ff91cd4bf6 |
|
Family |
AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(14)
|
Sender ip |
104.168.141.214 |
|
From |
"Mostafa Fathy "
<jowhar@astikitline.club>" |
|
Subject |
"Re: Purchase Order" |
|
Attachment |
"PO_02_03_2022.xlsx" |
|
MD5 |
b57f729417e40cee8f64ab296782cb2d |
|
SHA256 |
ad1644db1a9f64f7423b5a0aafd86ce70a19668943fd0b0cb9c5b3ee09593662 |
|
Family |
Formbook |
If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥
YouTube channel
Comments
Post a Comment