(1)
Sender ip | 193.56.29.138 |
From | "Adolfo Posada Duque <[email protected]>" |
Subject | "Bioquiram-Purchase request" |
Attachment | "Customer001987_rfq-deaho.xlsx" |
MD5 | 009c97a279ca9082088dba2dcf8907e4 |
SHA256 | e4be4ce928395ea670d27d2103761ed240cc5a2fb46e8e7ee34c88aef6fa156e |
Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my AgentTesla analysis on YouTube.
(2)
Sender ip | 46.183.223.126 |
From | "Shreyas Ramesh" <[email protected]>" |
Subject | "Purchase Order Confirmation " |
Attachment | "Purchase Order.doc" |
MD5 | 68fe0bd120a18d2a247f3322e948463b |
SHA256 | 0479439b257470151391a12e00899084a9455b750fd87ef44f3d68daa2c8a6f6 |
Family | Unknown |
(3)
Sender ip | 185.222.58.158 |
From | "Saif Khan<[email protected]>" |
Subject | "RE:Bank Slip and our New P.O copy." |
Attachment | "Bank Slip and our New P.O copy.pdf.ace" |
MD5 | 3d487ab8ebbba7bad5687c981ec9ccbf |
SHA256 | 499ef36050a153956d152d098eb77810da5418a7611903d3ab38644ccd4eef17 |
Family | AgentTesla |
(4)
Sender ip | 185.222.58.149 |
From | "=?UTF-8?B?RGF2aWQgTmfCoA==?=<[email protected]>" |
Subject | "=?UTF-8?B?UkU6UkVDT05GSVJNIEJBTksgREVUQUlMUyBGT1LCoFBBWU1FTlQ=?=" |
Attachment | "BANK DETAILS.zip" |
MD5 | 59a096315bff6761129aaa01bde9fd48 |
SHA256 | af275a56902333d452e5851bdbbf6423d367f8cf1fbb454cf7b6bee5dd48b707 |
Family | AgentTesla |
(5)
Sender ip | 185.222.58.136 |
From | |
Subject | "=?UTF-8?B?5paw5o6h6LO86KiC5Zau77yaNDgwMTA0NzM=?=" |
Attachment | "INVO090090202.zip" |
MD5 | c1f36d29ed3c343563e7db949f70d30f |
SHA256 | 05aa1ccabf21b2476832f9b686d83652d5a977c5db28c1c334bd4247a969ff41 |
Family | SnakeKeylogger |
(6)
Sender ip | 185.222.58.136 |
From | |
Subject | "=?UTF-8?B?5paw5o6h6LO86KiC5Zau77yaNDgwMTA0NzM=?=" |
Attachment | "40900900090000.LZH" |
MD5 | e8c250f9df1e7efabc97e05da34993f0 |
SHA256 | 277198b8d7f23797cbbb2c65643df0ef07d259bdabb33afe54b77a4be09c0694 |
Family | SnakeKeylogger |
(7)
Sender ip | 185.222.58.136 |
From | |
Subject | "=?UTF-8?B?5paw5o6h6LO86KiC5Zau77yaNDgwMTA0NzM=?=" |
Attachment | "00404000004.UUE" |
MD5 | 2d5a96bdf8bdc3107fe8c044a880d3d8 |
SHA256 | 3f547f553540fe1703af427ae21d481b1626f702277799f5f909dc0cbe587cb6 |
Family | SnakeKeylogger |
(8)
Sender ip | 103.4.65.245 |
From | "Accounts <[email protected]>" |
Subject | "Re: Quotation" |
Attachment | "Q 1468 Cunnigham Pharma.r01" |
MD5 | a148e3c4b6b3d96a8a3e00a62a53461f |
SHA256 | 967f9f45a143a8f901a37d3b7b7eacbcc743c027fd6e0bcd4548727793ad141a |
Family | AgentTesla |
(9)
Sender ip | 103.232.53.200 |
From | "Roberto Cagliero <[email protected]>" |
Subject | "New Order No. 211128" |
Attachment | "211128.doc" |
MD5 | 824439aca685176f57c2149be357c0d5 |
SHA256 | 5e7a8b39eff3dfe0374c975fe75a5304dc64b85da4788153796a9bb1f6d44c3c |
Family | AgentTesla |
(10)
Sender ip | 192.119.110.90 |
From | |
Subject | "PURCAHSE ORDER {SC_20210610.z}." |
Attachment | "SC_20210610.z.z" |
MD5 | 381b7939bf726253b7c08f3883da37de |
SHA256 | 9b35cbd73208090bc92abc19799591e644d55fa6b76f91d661d8e8e9679bf7a6 |
Family | AgentTesla |
(11)
Sender ip | 185.222.57.171 |
From | "Fawwaz Sawan <[email protected]>" |
Subject | "=?UTF-8?B?2LfZhNioINi52LHYtiDYo9iz2LnYp9ixICAtUkZR?=" |
Attachment | "RFQ-sib.r00" |
MD5 | e5e2492c305743886345a0d987bab4a4 |
SHA256 | 349bfbd56d690c615b831f392a57321740906908b43b0f4b8eede1fc270ed618 |
Family | Unknown |
(12)
Sender ip | 195.158.25.118 |
From | "=?UTF-8?b?0JzQsNC70L7RhdCw0YI=?= <[email protected]>" |
Subject | "Fwd: Request for Tender for SAUDI ARAMCO - SAUDI ARABIAN REFINERY RENOVATIONS" |
Attachment | "SAUDI ARAMCO Tender Documents - BOQ and ITB.r01" |
MD5 | c16f930ca96f671a3fefaae1e81ec83e |
SHA256 | 9beb8409acf0951c4bceddaefa9d09950804a0ac4868f85625d6149f3696d082 |
Family | Unknown |
(13)
Sender ip | 195.158.25.118 |
From | "=?UTF-8?b?0JzQsNC70L7RhdCw0YI=?= <[email protected]>" |
Subject | "Fwd: Request for Tender for SAUDI ARAMCO - SAUDI ARABIAN REFINERY RENOVATIONS" |
Attachment | "Tender specifications.ace" |
MD5 | 73ccad1dcad08d3ae7e0989a04976085 |
SHA256 | 31b763a83c956043644826fcdda1dd1883336639c9dbdc1c2ba90a2fb46b7078 |
Family | Unknown |
(14)
Sender ip | 168.168.42.35 |
From | "GIMD Data <[email protected]>" |
Subject | "Mercer GIMD Update June 2021" |
Attachment | "FeeSchedule_2021.xls" |
MD5 | d84e77336ccedc4e48a9f2439b56ec18 |
SHA256 | 76e038bfeed37652cbc02b18bec95f219acb57544dc20d2b185d033fb1b39bde |
Family | Unknown |
(15)
Sender ip | 168.168.42.40 |
From | "GIMD Data <[email protected]>" |
Subject | "Mercer GIMD Update June 2021" |
Attachment | "FeeSchedule_2021.xls" |
MD5 | 1791510b3ce20b1c65a7627992ee67da |
SHA256 | 6aca300602ab7154e213a7869d4b93378028e8f09671baea4591320544eb62ff |
Family | Unknown |
(16)
Sender ip | 185.222.58.149 |
From | "Kelly Cochrane< [email protected]>" |
Subject | "RE: SOA & Invoices 440086" |
Attachment | "SOA & Invoices 440086.zip" |
MD5 | 4b445fd00f0e2e2b185bcae70e91fca7 |
SHA256 | 58851ea095a81281950b14dc6e91f3e3347c4ae8b38c69e307d6e9ba2de42554 |
Family | Unknown |
If you want to learn malware analysis, you can check my YouTube channel, where I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 10_6_2021