Phishing Attacks 1_11_2021

 


If you wanna learn how to detect phishing emails  only by your eye , you can check my udemy course here .

My udemy course



(1)

Sender ip

103.167.84.87

From

"BungaRaya <[email protected]>"

Subject

"Re: Re: Pittsburgh Forest Products RFQ 36615 and 35565"

Attachment

"Q.2021.03.17 PFP...zip"

MD5

b2ee85b622175bb0833c118c9cc075f1

SHA256

98f79da1064628267c785c8e3c53ae6de02d38594e30f9565637dee7220f1db2

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(2)

Sender ip

103.167.84.87

From

"Sha Oceanmasters <[email protected]>"

Subject

"Re: Re: Invoice 16-36-55"

Attachment

"2108-WFF SOA AUG21 revised2.xlsx.zip"

MD5

955bfe62cb23624b7d7c4943566e6bd7

SHA256

498cdc5d302f14d27fc7286e7ccf572a678cd831958e0148b9286754e8519b2d

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(3)

 

Sender ip

185.222.57.150

From

"[email protected]"

Subject

"PAYMENT COPY"

Attachment

"1zqVsr2TzG7M6EA.rar"

MD5

4505c09bb3c82e2f09741d99cdef8c43

SHA256

0356ec61b2a270db0367af190de7b9b8af9d78b58949bd2fdaa5c5eeae65cbaa

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.  

(4) 

Sender ip

180.214.237.130

From

"LAANAYA Zaineb"< [email protected]"

Subject

"DHL Overdue Invoice Notice - 117704"

Attachment

"Invoice Notice - 117704.rar"

MD5

e589011ae76f8b63225bf41169ef874a

SHA256

2709e76592bed4759800500bd3ae1c803532e93a40a0e882ef5730489b39d364

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(5)

Sender ip

45.137.22.156

From

"MAERSK SHIPPING<[email protected]>"

Subject

"Re: Shipping Advice - ETD 21OCT. 2021"

Attachment

"SHIPPING DOCUMENTS.zip"

MD5

51bba64dd658978857dd7c09d7826180

SHA256

60c26cd0aa41687b0540da14eca58a567ef7aac49de89397b8d6129e1ac04e6f

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

 (6)

Sender ip

45.137.22.156

From

"Valcris Group<[email protected]>"

Subject

"Re: QUOTATION"

Attachment

"Attached-Payment Done Today"

MD5

877f62f12baf6b2fdbdae563b2bba113

SHA256

01692f885523ea188bbf0ba8e5fb8bd80e8e210e92a2f356684e53dda4fde3c1

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(7)

Sender ip

185.222.57.209

From

"Return-Path: <[email protected]>"

Subject

"RE: Statement of Account as at 30th OCT 2021"

Attachment

"S O A -4395494934HJ.zip"

MD5

498465d5ab6dba5dc0744f8f8a024799

SHA256

d48358c28e550a88ea1f24f3f8c92eeb847b18816b6a1523dd2a7ea1c7254786

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(8)

Sender ip

103.232.55.238

From

"Maggie Zeng"<[email protected]>"

Subject

"Re: Fw: DHL Overdue Outstanding Payment For Sept,16 / Total Amount is ($15,670.00)"

Attachment

"Invoice Overdue_C0809-H03.xls.7z.001"

MD5

2a99f8dd0632b2200f8ceb2ba7946721

SHA256

daa162d2daf2d7f364169147f12f8c16e4e3ab9a4ba7a21218f738afa043892a

Family

Unknwon

 

(9)

Sender ip

180.214.237.130

From

"[email protected]"<[email protected]"

Subject

"RE:balance 70% payment"

Attachment

"SOA.rar"

MD5

c8f4b7f1cb4487c13a38f9dadc699363

SHA256

e4f77176e69e4b7438c5db79119719188bdf9a9841987965b481c4b1cba6aa14

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(10)

Sender ip

45.137.22.61

From

"[email protected]"

Subject

"RE: SHIPPING DOCUMENT & PACKING LIST"

Attachment

"DOC.zip"

MD5

ee66a1d65e377e4d24918902de1a2e2e

SHA256

361b6e7d0ed1527f9ffc914c5eec845716d3c717428eced065fd56e49508f4e9

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(11)

Sender ip

103.232.55.238

From

"=?UTF-8?B?IkVlbGVlbiBDaGVuZyAo6ZKf5L6d55CzKSI=?=<[email protected]>"

Subject

"Reply: Fw Re: Balance Payment***Urgent!"

Attachment

"Balance Payment.wim.001"

MD5

bfcf7c98bbb460dace9d960323dbd19f

SHA256

db7f0b985912048ea8ce34ddb954115f06c8e9a5bfb1f2cab28ddac48db893d6

Family

Unknown

 (12)

Sender ip

103.167.84.87

From

"BungaRaya <[email protected]>"

Subject

"Re: Re: Pittsburgh Forest Products RFQ 36615 and 35565"

Attachment

"Q.2021.03.17 PFP...zip"

MD5

00e270a5f033cbcc5176643f39094ec5

SHA256

ca2528470091c6328ae7e15c2407cfb653028629b3995898606e77d91d7fd9ea

Family

AgentTesla

If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla

(13)

Sender ip

103.167.84.87

From

"Sha Oceanmasters <[email protected]>"

Subject

"Re: Re: Invoice 16-36-55"

Attachment

"2108-WFF SOA AUG21 revised2.xlsx.zip"

MD5

3d6dcfe52ad3b0635700768a8240cc6f

SHA256

3c80cad1ba9ebe9f38928b375e05240ce5598d422734b6a38d52a2be43baab21

Family

Unknown

 

If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥  

YouTube channel 

          https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA 




Article Link: Phishing Attacks 1_11_2021