Phishing Attacks 16_2_2021

 



If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.

My Udemy course



(1)

Sender ip

203.159.80.182

From

"DHL Group <[email protected]>"

Subject

"Shipment Document BL,INV and packing list"

Attachment

"Shipment Document BL,INV and packing list.jpg.ace"

MD5

b800504be883e3cda511a86d7c16ee3d

SHA256

00a6ef981cfb0915c42062fc29892b2c55408f5fabbb77ac528cd85428578cc0

Family

Formbook

 

(2)

Sender ip

185.222.58.58

From

"KCTC International Ltd.<[email protected]>"

Subject

"pounds Payment Only//Revise Invoice to pounds Currency//Provide pounds Bank Details"

Attachment

"pounds Payment.zip"

MD5

d232c424641bd7c98da1e72b340c9960

SHA256

ae027ce7ae2fe9beae54dd28cc762c3be6a7652918490c9cc30f8498937d50b8

Family

Formbook

 

(3)

 

Sender ip

199.10.31.237

From

"Roseline" <[email protected]>

Subject

"Payment"

Attachment

"Scanned101.zip"

MD5

4b60bb4d11850a546305a201443fd580

SHA256

a1554259073fe90c0b577c90357f22a73291e57836e74933f0c6a000f7f1ead3

Family

BitRAT

 

 

(4)

 

Sender ip

199.10.31.237

From

"Roseline" <[email protected]>

Subject

"Payment"

Attachment

"Scanned101.zip"

MD5

4b60bb4d11850a546305a201443fd580

SHA256

a1554259073fe90c0b577c90357f22a73291e57836e74933f0c6a000f7f1ead3

Family

BitRAT

 

(5)

Sender ip

185.222.58.92

From

"Zahir Uddin" <[email protected]>

Subject

"Re: PT sai payment"

Attachment

"Wire Transfer Copy.7Z"

MD5

129188feb16f5ac6f3a69aa70933955f

SHA256

13e22246d7ab046d62946c11bcdd0d8968348beea1c5d854274c069770e1c614

Family

AgentTesla

If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.

(6)

Sender ip

37.0.11.89

From

"Accounts Payables" <[email protected]>

Subject

"Re: Payment receipt"

Attachment

"PAYMENT RECEIPT.rar"

MD5

67401c6d9af39147878e35a54b8ce21f

SHA256

4dddf65a4208903c0672ef3d5c6f2507cb0b0a46e6d997b8323097639c2f7f41

Family

AgentTesla


(7)

Sender ip

2.56.59.219

From

"Angie Yuan" <[email protected]>

Subject

"Re: Forwarder Details"

Attachment

"SC221420.IMG"

MD5

2e39197eefddf6c8d79a4775078872d1

SHA256

cc8d7caae86931fd55dbe76f6dce9cbbfedc3a9bd329c39a63e62c4b58ec39a4

Family

Formbook

 

(8)

Sender ip

185.222.58.58

From

"KCTC International Ltd.<[email protected]>"

Subject

"80% advance payment"

Attachment

"advance payment.zip"

MD5

4a3f27f583265d76d6bbdf933a4a0ffc

SHA256

86437f5988a08ba44e610ae53eb2d77426e00f3ed8e5110dee63f98abdb30092

Family

Formbook

 

(9)

Sender ip

185.222.58.41

From

"Kirsten Buermans <[email protected]>"

Subject

"fw: Payment"

Attachment

"Swift copy.zip"

MD5

2997ea9b25150b59e39fd7a800364f9a

SHA256

f3c1fcd51e7c19668dd1d407d55e600cfe09ded3cac37b2906be6a8f6ca729b4

Family

AgentTesla


(10)

Sender ip

45.137.22.148

From

"[email protected]"

Subject

"RE: NEW REVISED ORDER"

Attachment

"NEW REVISED ORDER.r00"

MD5

a48ae81e89ec55a5ccd35564b8312c94

SHA256

3e3c65d9214cdcdf6bb00dfa213bd53009f16cf9b2e0eb6b015596f767cdcd63

Family

AgentTesla



If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 

          https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA   


Article Link: https://menshaway.blogspot.com/2022/02/phishing-attacks-1622021.html