If you wanna learn how to detect phishing emails by eye, you can check my Udemy course here.
(1)
Sender ip | 185.222.58.240 |
From | "flocon acc" <[email protected]>" |
Subject | "Re: RE: RE: RE: RE: RE: RE: RE: Re: RE: RE: Purchase of Wire Cutting, Stripping and Twisting Machine" |
Attachment | "Sales Contract Copy.TAR" |
MD5 | 40e05d66fa334f0e1595c1a6417fecab |
SHA256 | c57086d514c801eaded5f2b6e02b21784c8154f1423693bc9c40454c6bb79d85 |
Family | Formbook |
(2)
Sender ip | 107.173.104.75 |
From | "Yergazy Nurbekuly<[email protected]>" |
Subject | "=?UTF-8?B?UmU6IFJFOiBBV1M6IG5ldyBvcmRlciAvUHJvZm9ybWEtSW52b2ljZSAvIE0vNDU2IOKAkyBNaWQgTWFyY2g=?=" |
Attachment | "INV NO. NATEX-126-2021 MARK.xlsx" |
MD5 | 3f00b0dfc553c54f5f15db87eefac53c |
SHA256 | 77cbd962724314ba756bf64eb7f5f0bdd6f52eaa68ea83e3d6911902690d6cc9 |
Family | AgentTesla |
If you wanna know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(3)
Sender ip | 149.72.28.69 |
From | |
Subject | "Are you looking for an experienced Receptionist/Administrator with over 25 years experience?" |
Attachment | "Experienced Receptionist CV.docx" |
MD5 | 0091610dd9467fa19e71f4f9d6fa8622 |
SHA256 | 8423da01d26e738b299b8427e582abb17b037091660101009a256d8c2eea746f |
Family | unknown |
(4)
Sender ip | 62.197.136.162 |
From | "Mustafa Asaad <[email protected]>" |
Subject | "RE : Order Specifications" |
Attachment | "Order Specifications_.xlsx" |
MD5 | 6e80d37d14fbf49bb7d5f34656c62c60 |
SHA256 | fbf53ebacdc9ef0bf5833a25b50b3f4769e8f6ae7f565ce4520888747df8b729 |
Family | NanoCore |
(5)
Sender ip | 180.214.238.36 |
From | "Verna S. Garcia"<[email protected]" |
Subject | "RE: Re: Remittance Advice" |
Attachment | "bank details.rar" |
MD5 | 10e8c1702c57486e79dbf02338290bfc |
SHA256 | 41b0b95391050c9ab35a14c1fb1b242885684eec9cdb661ea48e6d39a15e92c6 |
Family | Formbook |
(6)
Sender ip | 69.55.235.152 |
From | "George Irving <[email protected]>" |
Subject | "Re: Confirm Remittance of payment" |
Attachment | "wire swift copy.zip" |
MD5 | 7910c610f01178980eb3b77f43a146cc |
SHA256 | 91ced8ae239b6f99a6b15217769d96e5ebf2b2575dd9b9a3e1abd4269133a7cb |
Family | Formbook |
(7)
Sender ip | 31.210.20.91 |
From | "Kenji Okamoto(Mr.) <[email protected]>" |
Subject | "PO-New Inquiry (581762)" |
Attachment | "PONew Inquiry 581762 drawings specifications.tar.gz" |
MD5 | 85942de4db48640a3ddf2c0a980f8531 |
SHA256 | 33c2c0cda92fa7cabd3d18af080d60d3142ed8ae505a876cccf4f5dbe1925865 |
Family | AveMariaRAT |
(8)
Sender ip | 45.58.41.24 |
From | "MR. Eson Yuan <[email protected]>" |
Subject | "Re: Amended contract and Invoice commercial" |
Attachment | "amended contract and invoice commercial (2).xlsx" |
MD5 | 4dd25dd92b5ec56a5ecc0614eb6bafba |
SHA256 | c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b |
Family | Formbook |
(9)
Sender ip | 45.58.41.24 |
From | "MR. Eson Yuan <[email protected]>" |
Subject | "Re: Amended contract and Invoice commercial" |
Attachment | "amended contract and invoice commercial (2).xlsx" |
MD5 | 4dd25dd92b5ec56a5ecc0614eb6bafba |
SHA256 | c18e5a14ec9346ff6aaeb0372840100c70865989fca652d398e2e2b95afc3a2b |
Family | Formbook |
(10)
Sender ip | 185.222.58.50 |
From | |
Subject | "EU Business Register 2022/2023" |
Attachment | "Business Register.rar" |
MD5 | 73599dbbdb8ee001000a682c82c459f3 |
SHA256 | d7c7e4c48bd5425fa67897d421ea6e38ba006d6fb59df2084cc7f11f5fddf052 |
Family | AgentTesla |
(11)
Sender ip | 45.137.22.55 |
From | "Caoxi " <[email protected]>" |
Subject | "20% PRE PAYMENT FOR MACKEREL ORDER" |
Attachment | "PAYMENT COPY.zip" |
MD5 | 21c7b212883138f7291099f9557b9cef |
SHA256 | 288c00340ac753fccd80d05ab872ec8ad62a664cede9f59fe30b7a5512a52351 |
Family | AgentTesla |
(12)
Sender ip | 209.85.221.193 |
From | "ATM MAIN DELIVERY UPDATE <[email protected]>" |
Subject | "FELICIDADES AFORTUNADO GANADOR" |
Attachment | "BUENAS NOTICIAS FELIZ GANADOR FELICITACIONES.docx" |
MD5 | d23c579b03677ac8c2b06479ed9bf49f |
SHA256 | ba509bbf64be2ba170e79207b9ca11a9c94516dcef9663252ecdd6a6ef1d5300 |
Family | Unknown |
(13)
Sender ip | 45.137.22.55 |
From | "Sharon Jiang " <[email protected]>" |
Subject | "RE: PARKING LIST FOR MARCH SHIPMENT" |
Attachment | "PARKING LIST, BL AND TELEX.zip" |
MD5 | 9ad08f8c339220ca3fe419bfaf3a35f3 |
SHA256 | 644ad6ff06f0f8b21ccf1479734184eddd8a899daeed1195afaf3ea05cb1cab0 |
Family | Formbook |
(14)
Sender ip | 45.137.22.55 |
From | |
Subject | "(JHI-22097(KA21-31F Frozen Edamame) Packing List Invoice)" |
Attachment | "KA21-31F packing list invoice.zip" |
MD5 | 08f5bda54aad3d28c558f2e5b801d18d |
SHA256 | e59f889f2edac6c515cdbd10aaf61ce52a2100fec785bc5681ab49da7bf3ccf9 |
Family | AgentTesla |
(15)
Sender ip | 45.137.22.156 |
From | |
Subject | "RE: Revised BL" |
Attachment | "documents.zip" |
MD5 | 10e431e28830ff84593cc804783cdcad |
SHA256 | c4cff9284965ae37e1555ce9a63369b14073fae347f357544872105e6f2add19 |
Family | AgentTesla |
If you wanna learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods to analyze malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 24_3_2022