(1)
Sender ip | 45.137.22.56 |
From | "Mike Yang<[email protected]>" |
Subject | "fwd: Re: outstanding invoices" |
Attachment | "outstanding invoices pdf.7z" |
MD5 | 07b4a4b24f0cfad258497c689a8a93fe |
SHA256 | 0505d6f20405f635068b46f0adc82e65ea574da428e4b8fd256c64a9ecf237fe |
Family | Formbook |
(2)
Sender ip | 185.222.57.157 |
From | |
Subject | "RE: Invoice & Packing list for Approval (20-21/197)" |
Attachment | "Invoice & Packing.r00" |
MD5 | 21a70f72f2295a0485d7e0a5c8ada771 |
SHA256 | cf65bb00d5f1fc805c74ccaa290027265bc293b07cfd58717948739fe7200dba |
Family | AgentTesla |
(3)
Sender ip | 185.222.57.162 |
From | "Supriya M Rao<[email protected]>" |
Subject | "PO#5300008762. NEEDED URGENTLY" |
Attachment | "PO#5300008762.zip" |
MD5 | 232fa3693aad6d87354244a9898b1059 |
SHA256 | 229abf4d35db6de67ef6dbf60b79dc0f07f1e25a0b957ed5b7f26b17f16f82f4 |
Family | AgentTesla |
(4)
Sender ip | 103.89.91.93 |
From | "DHL Express Inc<[email protected]>" |
Subject | "DHL NOTICE OF ARRIVAL Reff:O/59548/178980" |
Attachment | "DHL Receipt_pdf.gz" |
MD5 | 7b094e768f6fa1a49b5c5004636d6759 |
SHA256 | f99d20b93c7da8516997054bd7888d2584e69a9d6ca569a721d740a3e1a0a678 |
Family | Loki |
(5)
Sender ip | 45.137.22.71 |
From | "Probona Info <[email protected]>" |
Subject | "New Order" |
Attachment | "confirm this order and sign PI.gz" |
MD5 | 299e8942daf3479234843c5327676e5e |
SHA256 | bc429aca6dcf6a9b2315f7cdf4465ceb8a4f5ded220c7c6ef2c6781d5d5dafc4 |
Family | Formbook |
(6)
Sender ip | 45.137.22.71 |
From | "Sanjoy Das Chowdhury <[email protected]>" |
Subject | "HSBC 6265( Box) - Payment proof" |
Attachment | "HKHSBC1D23297029-T01 Payment proof.7z" |
MD5 | 79eefcf4ce0ca0922e31005393d9b15d |
SHA256 | 641c83fb32cfb7415be602df2b934059f88b340a956efcc95cbd74f9e76dfb33 |
Family | SnakeKeylogger |
(6)
Sender ip | 45.137.22.57 |
From | |
Subject | "Amended Purchhase Order Follow Up" |
Attachment | "Amended Purchhase Order Follow Up.zip" |
MD5 | 5e7b7e99854ec413703f910f53b82432 |
SHA256 | 6a699c86232d7e3a6173aed0357555ecd214ec1cea38884bc81289ce0610d6b9 |
Family | AgentTesla |
(7)
Sender ip | 185.222.58.156 |
From | "Sales <[email protected]>" |
Subject | "RE: ENQUIRY NOVA/1181/04/26/JJ RFQ" |
Attachment | "ENQUIRY-NOVA11810426JJ-RFQ.r00" |
MD5 | 407a815448b1b8e42753d74c02aa09eb |
SHA256 | f5ec1341d631452ee16446197912ed2845475a2b6b902466a74ed544dd5a9be7 |
Family | SnakeKeylogger |
(8)
Sender ip | 165.227.239.191 |
From | "MAERSK LINE <[email protected]>" |
Subject | "Maersk Booking Confirmation and Telex release" |
Attachment | "Booking Confirmation.gz" |
MD5 | a3b9bdb7305ef28e933533bd6b87d8bf |
SHA256 | 682dda0201be9106ffab1fc5c99adce763099cf29af848ccba7ac86971cbf1e3 |
Family | Loki |
(9)
Sender ip | 185.222.57.216 |
From | |
Subject | "PAYMENT ADVICE FOR OUTSTANDING SOA," |
Attachment | "payment advice 0264.rar" |
MD5 | c2edb5f467db0ac0bf4b40307e36e066 |
SHA256 | 8deaa8789f9392ce4fbab6cfbb6598d5c4cd075012b396827103b00958490c9a |
Family | AgentTesla |
(10)
Sender ip | 185.222.57.216 |
From | |
Subject | "PAYMENT ADVICE FOR OUTSTANDING SOA," |
Attachment | "payment advice 0264.rar" |
MD5 | c2edb5f467db0ac0bf4b40307e36e066 |
SHA256 | 8deaa8789f9392ce4fbab6cfbb6598d5c4cd075012b396827103b00958490c9a |
Family | AgentTesla |
(11)
Sender ip | 138.128.160.2 |
From | "Charlotte Elijah <[email protected]>" |
Subject | "PROFORMA INVOICE#4902" |
Attachment | "PROFORMA INVOICE#4902.pdf.zip" |
MD5 | 36a821d735296e196510d4372f4bad72 |
SHA256 | f3bed53b374e76a80c611fed1383fda4a6c5eea0ede45cf6391bf2aa6cde9c37 |
Family | Unknown |
Article Link: https://menshaway.blogspot.com/2021/04/phishing-attacks-2642021.html