Phishing Attacks 23_4_2022

 


If you wanna learn how to detect phishing emails by eye alone, you can check my Udemy course here 👇.

My Udemy course

(1)

Sender ip

180.214.238.82

From

"Dang Thi Thu Hien<hiendang@panpacific.co.kr>"

Subject

"RE: [SSC CS] F22 03/09 Buy Shipping request_04062022"

Attachment

"SEALOGISTICS DEBIT NOTE.zip"

MD5

add8e964a595d7af30f02783943c3a00

SHA256

24f6485539bc5d700d17ec8d629827ea80dfae2eb2189e872f4b8ae0e7f1d66f

Family

AgentTesla

If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(2)

Sender ip

138.197.200.182

From

"Nguyen Thi Quy <nguyen@47.fximnii.sbs>"

Subject

"RE: Purchase Inquiry: KPC/PU-231(MECH)NBI/20-22"

Attachment

"Purchase Inquiry_pdf.rar"

MD5

0a1467a257bee63ce2a381c08265e27b

SHA256

f9d31ceab4db890241e0229869c34dd81f1b792797adbbf4e777de1abc242a73

Family

Loki

 

(3)

 

Sender ip

2.56.56.88

From

"pranii@pacificbasin.com"

Subject

"quotation re-submmision "

Attachment

"quotation.pdf.zip"

MD5

f6859e7d76d9b97099bddcaef4d176f7

SHA256

3aebb2587f146e7df15f2537b97c4010ee0f21eaa68f7219d3d23247366c55d3

Family

Unknown

 

 

(4)

 

Sender ip

185.222.58.93

From

"Shoei Kisen Kaisha, Ltd" <ochi.aya@shoei-kisen.com>"

Subject

"Inquiry: MVTOLEDO TRIUMPH (revised)"

Attachment

"INQUIRY-DRAWING.bat.gz"

MD5

6488fb9bc8e597f68c5e792ea06977b7

SHA256

394e0c707a2055db6a4b96ff55bcf46328274152f8b09e1e934954a2b70cd8ce

Family

AveMariaRAT

 

(5)

Sender ip

180.214.238.82

From

"jerry<jerry@goldenrock.cn>"

Subject

"Re: Shipping Advice - ETD 22 APR. 2022"

Attachment

"SHIPPING ADVICE#SHELLSEA.zip"

MD5

1dd6a25cde677c427823bdbc9f63e365

SHA256

4c9bf38ca90e14651d2498e021d4dec5a9987ef64cd05006e5af6f0ceda0cdbe

Family

AgentTesla


(6)

Sender ip

185.222.57.233

From

"fajar@combilogistics.co.id"

Subject

"PO121879"

Attachment

"PO121879.r13"

MD5

3475d4431afcd9c6262eff9ea2158f0c

SHA256

f450126e36db8236a9dc2339c3f87e4e2dc14e2a3a21dda89bf65ef678a50229

Family

AgentTesla


(7)

Sender ip

185.222.57.240

From

"CAPT. ELFATIH M. IDRIS)" <Elfatih.Idris@walarbab.com>"

Subject

"RE:SOA-outstandingEUR 106902.50"

Attachment

"updated SOA[K9DMVRKF].zip"

MD5

4dc4a542a2ff8f30ef5c38c211f57b88

SHA256

b1adfeaca106d8dc9e2498a5d89ccc346c370437cf3a68a74aaf80aa9243867d

Family

AgentTesla


(8)

Sender ip

103.232.55.159

From

"moyi@edayun.cn"<moyi@edayun.cn"

Subject

"Re: Remittance Advice"

Attachment

"invoice.rar"

MD5

03fb969fc042a2a3facb412d14a5b181

SHA256

0781563793d33503140a19bdf4d9f9a0f97a7d538a697746705b86f00fe7c2ea

Family

AgentTesla


(9)

Sender ip

180.214.238.82

From

"Dang Thi Thu Hien<hiendang@panpacific.co.kr>"

Subject

"RE: [SSC CS] F22 03/09 Buy Shipping request_04062022"

Attachment

"CURRENT DEBIT NOTE.zip"

MD5

6be9f5760694f751a0f0f5ceaf895bbe

SHA256

08978f1d94347f9782d17a2249ee4d416c38c3f060ea0e0c59be4327f73eb3e7

Family

AgentTesla


(10)

Sender ip

212.192.241.113

From

"Friday Robot <friday.robert@outreachmedialtd.net>"

Subject

"APRIL PURCHASE ORDER NEW 2022,TREAT AS URGENT"

Attachment

"APRIL NEW ORDER 2022.gz"

MD5

f14295060cd9bc5cd0ddc19f7125c6f7

SHA256

cbc1a87cf822070c64227c1f2b2485692bc75a4ba7d0f141e6d25e9f264336c2

Family

AgentTesla


(11)

Sender ip

185.222.57.240

From

"DGI Undel (DHL)" <dgi.undel@dhl.com>"

Subject

"RE; Import Custom Duty Payment"

Attachment

"Custom Duty.zip"

MD5

40956e934131156991cf96df6fd80092

SHA256

a548be9f8bf199a7b5403e7636a8af3f9c2e063c8288ad05744dff1e8f2158c0

Family

AgentTesla


(12)

Sender ip

185.222.57.240

From

"Japan Marine-Team C"<salesfive@jmsgroup.jp>"

Subject

"Request for Quotation of our Inquiry No. TIM-037/2022e-I003"

Attachment

"No. TIM-0372022e-I003.zip"

MD5

f12d4656d8f62fef5b8e905d1709fd36

SHA256

14993e0604ce8e0b7948b6abaca355a91af97fbcb528c25bc1e804561cddd327

Family

AgentTesla


(13)

Sender ip

185.222.57.233

From

"Sandhya <sandhya@alhuraizgroup.ae>"

Subject

"Re: PO/PROFORMA INVOICE"

Attachment

"PO-PROFORMA INVOICE.r13"

MD5

783d9c8e359e74ad4b43aa7f092d3f71

SHA256

6a92304fbafc74aab184e275a37c417e31936d6a63ec620de592478fba06629c

Family

AgentTesla


(14)

Sender ip

199.10.31.237

From

"inquiry@finicare.com"

Subject

"Product Inquiry"

Attachment

"Product Inquiry.rar"

MD5

1810d5330f793e22d81f85e83997033e

SHA256

e7e6fa2315fdf9ce0c69d3c3963ca7ca78a0824434521d31bdc5cfb8b5f83586

Family

SnakeKeylogger

 

(15)

Sender ip

185.222.57.233

From

"Abdul Wahab Ali Hassan Al Dhahri (GTS Development & MIS) <abdulwahaba@bankmuscat.com>"

Subject

"RE: [External Mail]DHL Way Bill & Reference No"

Attachment

"DHL Way Bill & Reference No.r13"

MD5

f96c2d473aef8bb457e71baa874b2fa2

SHA256

a93407bfd5093a87b2228f11a4532fbd1b687872a0a0392876be12bfbc2fd0b5

Family

AgentTesla


(16)

Sender ip

162.243.160.76

From

"John<joewalker@thekmgroup.co.uk>"

Subject

"Purchase order for WEC Group"

Attachment

"PO 202204TR.lzh"

MD5

6b8fc6dfd10cbe08fc93abb917c659e3

SHA256

748d9b1717a39fcf1b335244a11095deb0240d4d02bf3141e57a07cc9f60645e

Family

AveMariaRAT

 

If you wanna learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 

          https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
