(1)
| Sender ip | 103.133.106.156 |
| From | "Wini Zeng [email protected]" |
| Subject | "Request For Quotation " |
| Attachment | "Purchase Quotation.gz" |
| MD5 | 8960203a1283a4b46d1c0b8573716fe3 |
| SHA256 | ecb3d2f8933eb1e048a42128cd5a6d0eb21745f55ff83c89c715be34db170e1c |
| Family | AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(2)
| Sender ip | 213.246.110.56 |
| From | "=?UTF-8?Q?=E5=88=98=E5=BF=97=E6=9D=B0?= <[email protected]>" |
| Subject | "[SINOPEC/MIP/PKG17]-RFQ//FENCE MATERIAL-EASTERN FENCE OIL AND GAS/MARINE" |
| Attachment | "MIP17-MTA002 TBE Clarification Rev. A - EASTERN.Tar" |
| MD5 | 6cb5843f813dbe6aae3c331a1454473f |
| SHA256 | cf0979e009966dcbd4bbfd300daafddf3f36a3b7e384adb4b91e0e97fb7d40ba |
| Family | SnakeKeylogger |
(3)
| Sender ip | 159.89.112.172 |
| From | |
| Subject | "DHL Shipment Notification : 3227610761" |
| Attachment | "WaybillDoc_3227610761.zip" |
| MD5 | 516f2d7f6901c0d5e9154dc062dfe994 |
| SHA256 | c084f4aecf97e5c7753b9c2fe2a44862926cb2df16df73d4db4af797cb2ea952 |
| Family | AgentTesla |
If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube AgentTesla.
(4)
| Sender ip | 193.56.29.192 |
| From | |
| Subject | "Ultramol PO 33015- RFQ" |
| Attachment | "PO 33015.doc" |
| MD5 | c428f38a84f17399a88559e3fc68fff5 |
| SHA256 | 44f060eefb28b1d90759eb517c0e134e52164a2701e4f4d9ddbbbd27f48cce2c |
| Family | Formbook |
(5)
| Sender ip | 92.204.160.71 |
| From | "UTENTRA SRL || Purcshase Dept <[email protected]>" |
| Subject | "new po 20217602" |
| Attachment | "new order 20217602.xlsx" |
| MD5 | 34ea341a86ef62ca56e400e0df97f3c5 |
| SHA256 | b7ec359d9ce5edd99910dc32f7a07ad50dd056fb26791a6aed260a65b6cb684d |
| Family | Formbook |
(6)
| Sender ip | 46.183.220.10 |
| From | "USMAN <[email protected]>" |
| Subject | "RE: Purchase Order" |
| Attachment | "Purchase Order.LZH" |
| MD5 | 501660f2310efb40ca77a981044c61f5 |
| SHA256 | eec0c1a34f078642a001b1c3611159446d65586cc7f502780c005e4398c6298b |
| Family | SnakeKeylogger |
If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Than you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 28_6_2021