If you want to learn how to detect phishing emails by eye, you can check my Udemy course here.
(1)
Sender ip | 45.137.22.156 |
From | |
Subject | "Re: Enquiry" |
Attachment | "PRICE QUOTE.zip" |
MD5 | 05c141b39bb4c908a420a13d56260657 |
SHA256 | 759dab60f58018203d219a229e69a2af9adc96cfc46cfa28f2877af8648777b6 |
Family | AgentTesla |
If you want to learn how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(2)
Sender ip | 108.166.43.78 |
From | "Bsawyer <[email protected]>" |
Subject | "Your order: #RS00HNAWZ1" |
Attachment | "#RS00HNAWZ1.iso" |
MD5 | 84a0b17fb49483b8b0fa79066d87afd1 |
SHA256 | 2507f3526d4419945b1091542eeca79de74602e5cea24b14492fe14be66d7ab5 |
Family | Vjw0rm |
(3)
Sender ip | 45.137.22.115 |
From | "Cathy Yang <[email protected]>" |
Subject | "RE: RE: 90% BALANCE PAYMENT INVOICE 1394,1395/21-22" |
Attachment | "swift00098765456NMLO.zip" |
MD5 | a5e55107f754fa83badfbbd34aba0ab7 |
SHA256 | 7bcd80864e8f7f0dfd8a0f2694b8f3e9a1bb443cd8e8ec86305422e6b5b2c0db |
Family | Unknown |
(4)
Sender ip | 185.176.221.189 |
From | "Dhl Customer Support <[email protected]>" |
Subject | "Delivery Failed" |
Attachment | "Attachment.iso" |
MD5 | c61bbf21647bcf6d7482d0e765baec65 |
SHA256 | a6dcbfef14af69bd9635305dac92f09a3bffc67453d777b41d2c09345c354fdb |
Family | RemcosRAT |
(5)
Sender ip | 104.168.204.20 |
From | "Faruk Ahmed <[email protected]>" |
Subject | "NEW PURCHASE ORDER FOR URGENT RESPONSE $180,000" |
Attachment | "NEW PURCHASE ORDER FOR URGENT RESPONSE $180,000.rar" |
MD5 | 0266a43bd817ce7a594fe36784443567 |
SHA256 | 8aa0c9ab87da8ca53599e758b5061fb9a6ef1502ef60538835f2b9ae1d6356ad |
Family | AgentTesla |
If you want to learn how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(6)
Sender ip | 185.176.221.189 |
From | "Dhl Customer Support <[email protected]>" |
Subject | "Delivery Failed" |
Attachment | "Attachment.iso" |
MD5 | ed5a7b6c398627a0e30d56ed4a811fb3 |
SHA256 | 8887416f03acd7c498c9e891fde30e3503b8a5fc9c31d11bb0c04815f45f27d0 |
Family | NetWire |
(7)
Sender ip | 193.56.29.111 |
From | "CARAVAN Sales <[email protected]>" |
Subject | "RFQ-910015 CARAVAN GROUP" |
Attachment | "RFQ-910015.xlsx" |
MD5 | 51cfc4755260459f4417f9ed5c85b0e3 |
SHA256 | 25ac56fa9637967ae898c22748283b3655c5dcb00f3c9100d6e787b45e9e4714 |
Family | Unknown |
(8)
Sender ip | 31.210.20.38 |
From | "BITCOIN <[email protected]>" |
Subject | "New Btc Policy" |
Attachment | "FULL BTC POLICY2022 INTL.PDF.rar" |
MD5 | a42021d9e55675d7f14d76f9095798b0 |
SHA256 | c70a438d7d83606c0de95316aec263df0e914f21375089e33fc165c094e33d23 |
Family | unknown |
(9)
Sender ip | 31.210.20.38 |
From | "JESSE BOLEVAN <[email protected]>" |
Subject | "New Order" |
Attachment | "Order_67289283828289.zip" |
MD5 | d6351e3046f31284599623b4a033041c |
SHA256 | ce9ad4f8dd11515d83ae00f791e665f445867cb2a9176f5fb3afc6c7669cb4da |
Family | Unknown |
(10)
Sender ip | 103.133.109.71 |
From | "DHL Express <[email protected]>" |
Subject | "RE: AWB #6913321715 & SHIPPING DOCUMENTS" |
Attachment | "AWB & Shipping Documents.tar" |
MD5 | 9673abd07490321eadd85557b33b4dee |
SHA256 | 6aa6b71dc678822b714af3634efb002dd0d0e7ca0c3cf0e4040989a1c3914029 |
Family | Unknown |
(11)
Sender ip | 103.125.190.56 |
From | |
Subject | "QOUTATION CONFIRMATION" |
Attachment | "AWS QOUTATION 768854_SCAN_PDF.rar" |
MD5 | a55c09a332d66944bc6ea102b5375495 |
SHA256 | 4054e74d768d7fac206b141d7c01cef8a9345f6b9741758b0e56bde21518c0b9 |
Family | RemcosRAT |
(12)
Sender ip | 45.137.22.48 |
From | "Mohamed Al Mazrui <[email protected]>" |
Subject | "Re: *URGENT*- Payment to bank details (CONFIRM BANK DETAILS)" |
Attachment | "Bank details.lzh" |
MD5 | "Bank details.lzh" |
SHA256 | 9e5b19bd45bde27361505fd750b2537f2b83eaf2ece6bbcbc20f595d99e8384d |
Family | AgentTesla |
If you want to learn how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(13)
Sender ip | 199.10.31.238 |
From | "Josey<[email protected]>" |
Subject | "Mountz, Inc.: Purchase Order #PO226520" |
Attachment | "Purchase Order_PO226520_1632165053105.rev" |
MD5 | edf299482cbcfa08f808e2fa4b5e6a8d |
SHA256 | a0e1b5c3ee9b881556c44f34851ab539c892e9e585645e4922446e1f46655946 |
Family | Unknown |
(14)
Sender ip | 185.29.9.105 |
From | "Lucia Pancini<[email protected]>" |
Subject | "PO for New Order" |
Attachment | "PO-IMAGE-SCAN-00HD878HE485HDYTE.rar" |
MD5 | ee6701a8830a5c3bd99a2e58c8aeeca1 |
SHA256 | b38fb86423029b7c8cb1f4a426606001647d4b7c6950a46fc552b438c9f6ba96 |
Family | AgentTesla |
If you want to learn how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(15)
Sender ip | 185.222.58.155 |
From | "Anil <[email protected]>" |
Subject | "RE: PURCHASE ORDER I 5083 - 2340212" |
Attachment | "PURCHASE ORDER I 5083.r00" |
MD5 | aa157b553888eac217edcf018295f240 |
SHA256 | b1b4509bb3b6ac1ead9e61ac865f04ae862fef2f905043d06d5546ea607f4536 |
Family | Formbook |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 27_9_2021