If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
Sender ip | 203.159.80.182 |
From | "DHL Group <[email protected]>" |
Subject | "Shipment Document BL,INV and packing list" |
Attachment | "Shipment Document BL,INV and packing list.jpg.ace" |
MD5 | b800504be883e3cda511a86d7c16ee3d |
SHA256 | 00a6ef981cfb0915c42062fc29892b2c55408f5fabbb77ac528cd85428578cc0 |
Family | Formbook |
(2)
Sender ip | 185.222.58.58 |
From | "KCTC International Ltd.<[email protected]>" |
Subject | "pounds Payment Only//Revise Invoice to pounds Currency//Provide pounds Bank Details" |
Attachment | "pounds Payment.zip" |
MD5 | d232c424641bd7c98da1e72b340c9960 |
SHA256 | ae027ce7ae2fe9beae54dd28cc762c3be6a7652918490c9cc30f8498937d50b8 |
Family | Formbook |
(3)
Sender ip | 199.10.31.237 |
From | "Roseline <[email protected]>" |
Subject | "Payment" |
Attachment | "Scanned101.zip" |
MD5 | 4b60bb4d11850a546305a201443fd580 |
SHA256 | a1554259073fe90c0b577c90357f22a73291e57836e74933f0c6a000f7f1ead3 |
Family | BitRAT |
(4)
Sender ip | 199.10.31.237 |
From | "Roseline <[email protected]>" |
Subject | "Payment" |
Attachment | "Scanned101.zip" |
MD5 | 4b60bb4d11850a546305a201443fd580 |
SHA256 | a1554259073fe90c0b577c90357f22a73291e57836e74933f0c6a000f7f1ead3 |
Family | BitRAT |
(5)
Sender ip | 185.222.58.92 |
From | "Zahir Uddin <[email protected]>" |
Subject | "Re: PT sai payment" |
Attachment | "Wire Transfer Copy.7Z" |
MD5 | 129188feb16f5ac6f3a69aa70933955f |
SHA256 | 13e22246d7ab046d62946c11bcdd0d8968348beea1c5d854274c069770e1c614 |
Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(6)
Sender ip | 37.0.11.89 |
From | "Accounts Payables <[email protected]>" |
Subject | "Re: Payment receipt" |
Attachment | "PAYMENT RECEIPT.rar" |
MD5 | 67401c6d9af39147878e35a54b8ce21f |
SHA256 | 4dddf65a4208903c0672ef3d5c6f2507cb0b0a46e6d997b8323097639c2f7f41 |
Family | AgentTesla |
(7)
Sender ip | 2.56.59.219 |
From | "Angie Yuan <[email protected]>" |
Subject | "Re: Forwarder Details" |
Attachment | "SC221420.IMG" |
MD5 | 2e39197eefddf6c8d79a4775078872d1 |
SHA256 | cc8d7caae86931fd55dbe76f6dce9cbbfedc3a9bd329c39a63e62c4b58ec39a4 |
Family | Formbook |
(8)
Sender ip | 185.222.58.58 |
From | "KCTC International Ltd.<[email protected]>" |
Subject | "80% advance payment" |
Attachment | "advance payment.zip" |
MD5 | 4a3f27f583265d76d6bbdf933a4a0ffc |
SHA256 | 86437f5988a08ba44e610ae53eb2d77426e00f3ed8e5110dee63f98abdb30092 |
Family | Formbook |
(9)
Sender ip | 185.222.58.41 |
From | "Kirsten Buermans <[email protected]>" |
Subject | "fw: Payment" |
Attachment | "Swift copy.zip" |
MD5 | 2997ea9b25150b59e39fd7a800364f9a |
SHA256 | f3c1fcd51e7c19668dd1d407d55e600cfe09ded3cac37b2906be6a8f6ca729b4 |
Family | AgentTesla |
(10)
Sender ip | 45.137.22.148 |
From | |
Subject | "RE: NEW REVISED ORDER" |
Attachment | "NEW REVISED ORDER.r00" |
MD5 | a48ae81e89ec55a5ccd35564b8312c94 |
SHA256 | 3e3c65d9214cdcdf6bb00dfa213bd53009f16cf9b2e0eb6b015596f767cdcd63 |
Family | AgentTesla |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: https://menshaway.blogspot.com/2022/02/phishing-attacks-1622021.html