If you want to learn how to detect phishing emails by eye alone, you can check my Udemy course here.
(1)
Sender ip | 185.222.57.75 |
From | "Abrar Ahamed <[email protected]>" |
Subject | "RE: Re Supply of Aggregate Sub-base download file and see more." |
Attachment | "Supply of Aggregate.r00" |
MD5 | 2ecad21fb0ad5ddb2938d7503152a7ad |
SHA256 | f796a3fb3b89c3361d393605988484621450a0c8a73ff2c7f44ad65d11b56892 |
Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(2)
Sender ip | 103.139.44.91 |
From | |
Subject | "RFQ RE: New PO-MPU702734" |
Attachment | "MPU702734-pdf.gz" |
MD5 | ad0a8dc9191cebc5364ce7ee9e7b0cac |
SHA256 | 474f8ad5170c4840a256f8c9d43b8e012f380138e2b11e629f6927726e828b91 |
Family | Unknown |
(3)
Sender ip | 46.183.223.113 |
From | "Roman Cheremisin <[email protected]>" |
Subject | "NEW PURCHASE ORDER PO2234511" |
Attachment | "Purchase Order two. doc" |
MD5 | bdeba8a3ea9e98c5938cb8d611f607d3 |
SHA256 | 2e174386633828e5b4c6628c7957dc843ade571ac5644f27924459a76748c706 |
Family | Unknown |
(4)
Sender ip | 46.183.223.113 |
From | "Roman Cheremisin <[email protected]>" |
Subject | "NEW PURCHASE ORDER PO2234511" |
Attachment | "Purchase Order Three .doc" |
MD5 | 9c641651b430f3250a63877c74d77e7a |
SHA256 | 3c77ba2d84d91215e09d96edf47de3113194ee4154b0e38b9bf5de1d4d44031d |
Family | Unknown |
(5)
Sender ip | 103.153.79.77 |
From | "account-HKGROUP <[email protected]>" |
Subject | "FW: DEBIT NOTE/ LOI/ Re[12]: DELAY NOTICE/ BOOKING ZIMUHCM80175843/ HCM-SAVANNAH / LINE ZIM /ETD: 03-JUL" |
Attachment | "2314.zip" |
MD5 | dbd20da7212d4b20e9c7173125d2ff9c |
SHA256 | 3ffac520312b87f502950dcd7832db87888555a97e96719746205ebf4acfe438 |
Family | SnakeKeylogger |
(6)
Sender ip | 38.130.221.187 |
From | "DAVID WONG <[email protected]>" |
Subject | "CONFIRMATION ORDER" |
Attachment | "CONFIRMATION ORDER.zip" |
MD5 | 00c2c49da45965b0e22597e0bd9c3964 |
SHA256 | 6d2acc22440a4f5c15c989e4faa896b92384c6df2eec613ee1c3e66ff449c81e |
Family | SnakeKeylogger |
(7)
Sender ip | 103.99.3.112 |
From | "T. Selvam<[email protected]>" |
Subject | "Re: Purchase Order" |
Attachment | "Purchase Order.r00" |
MD5 | 51e24302c3525b761872397b55ec653c |
SHA256 | 5dad4092465dce8d51f59b964077033e72024134a2269b929a8002e52bbbb9ad |
Family | Formbook |
(8)
Sender ip | 165.22.211.218 |
From | "Bonnie Wu" <[email protected]>" |
Subject | "Payment receipt" |
Attachment | "Payment Receipt.zip" |
MD5 | 98f96d0a617b4fc387011474681b6d9d |
SHA256 | 791c59d9b13a96c15e17baf22d85ffd8e8f783909c246043ba600f9c5f36181b |
Family | Formbook |
(9)
Sender ip | 185.222.57.156 |
From | "Ravi Jaitly"<[email protected]>" |
Subject | "Purchase Order 4110043899" |
Attachment | "Released Order.r15" |
MD5 | 5364961cf95f94c23988ec567ca7466a |
SHA256 | 8b82e033dd3ab1e4b2d827e7b5627b4d2a937246e4c53e5400ea94f02f5e82ee |
Family | Unknown |
(10)
Sender ip | 45.137.22.75 |
From | |
Subject | "Re: Invoice Query " |
Attachment | "PAYMENT COPY.r00" |
MD5 | 68ca906b3a5d37a1eb8dafba33ac3f04 |
SHA256 | f0212164481dbc5204645f14e6fd604178e2a1bbc7064e021f459b3aa49abacf |
Family | Unknown |
(11)
Sender ip | 103.139.45.212 |
From | "Irene Chan<[email protected]>" |
Subject | "Payment Invoice" |
Attachment | "Payment_invoice.zip" |
MD5 | 9486933add946e50daa804e8179d77f2 |
SHA256 | 19206641ad6dfe10bc758922d2917b690431b0bc6b7f45a445cdec3b1a7fb7b3 |
Family | Unknown |
(12)
Sender ip | 149.202.44.208 |
From | "ANTHONY MACOVICH" <[email protected]>" |
Subject | "Purchase Ordr 112345" |
Attachment | "order.zip" |
MD5 | edded1e2382bd3fa5b966f3067690cc1 |
SHA256 | 497b04efe79c9dce8bb75a37d72702eb9b703912994c5351a6792a8c217160c9 |
Family | NetWire |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: https://menshaway.blogspot.com/2021/07/phishing-attacks-2172021.html