(1)
Sender IP | 45.137.22.41 |
From | "JENNIFER <[email protected]>" |
Subject | "RE : RFQ-AGS21277" |
Attachment | "RFQ-AGS21277_pdf.lzh" |
MD5 | ca0d509b6ed3098e589ef16fc8e900b1 |
SHA256 | e47e486c7a41e027316eb01cf4b9a93f847933566e84ae178eaa99d5accc4d7e |
Family | Loki |
(2)
Sender IP | 103.139.44.91 |
From | "Hong Lam <[email protected]>" |
Subject | "SWIFT COPY FOR ADVANCE PAYMENT" |
Attachment | "SWIFT COPY FOR ADVANCE PAYMENT.rar" |
MD5 | 16a2e60be265343b6b55e16110d5633f |
SHA256 | 3f9eb1d67f5f85ad76dc28a3fa3112459d7bb614ff177cbd178ee1035649da15 |
Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla
(3)
Sender IP | 103.133.106.100 |
From | "Sofien Ben Jemaa<[email protected]>" |
Subject | "Original Documents" |
Attachment | "Invoice_20210204.zip" |
MD5 | a3aadc97039f85f40f8fef2522d23116 |
SHA256 | 60c51de032d9f139ccd9f4dcbbd88f4e3911ac496042fad636c1361daaf71a48 |
Family | SnakeKeylogger |
(4)
Sender IP | 103.133.106.100 |
From | "Sofien Ben Jemaa<[email protected]>" |
Subject | "Original Documents" |
Attachment | "BL.zip" |
MD5 | 6487f113dda7b69b9404d218d525fbf2 |
SHA256 | 73f765a9c4713b8047fe5f71e0bd38426f230df062b6e291990dffe6e0836ba8 |
Family | AgentTesla |
(5)
Sender IP | 103.139.44.91 |
From | "Wang Fang <[email protected]>" |
Subject | "NEW ORDER #745332" |
Attachment | "NEW ORDER #745332.rar" |
MD5 | b1b481f73161a2306815df887dc32f03 |
SHA256 | 8bf61f9efba8f27282e3bb4d0e3661260ce5c265c27630878b64aa138a1adc68 |
Family | AgentTesla |
(6)
Sender IP | 103.139.44.91 |
From | "Suzy (Borgers-Tuopu)"<[email protected]>" |
Subject | "RE: AW: Ningbo New Order TP-20210345002" |
Attachment | "NINGBO-ORDER TP-20210345002.wim.001" |
MD5 | 131639bf3ca42f4fdd8d9a97cfde11e0 |
SHA256 | 97e2aef18478986c555089e29a6ef38ac5dfe4109d996e7ca0abaa231535a8a7 |
Family | Unknown |
(7)
Sender IP | 45.137.22.149 |
From | |
Subject | "RE: SHIPPING DOCUMENT & PACKING LIST" |
Attachment | "PMSHIPPING DOCUMENT & PL.r00" |
MD5 | 8f1d3b0ef919775f563e4c6fe4cc2f91 |
SHA256 | 3f21c1dadbb99df098bc46b886abcd6d8e9d4093e9283f6bf9de185a2446dddf |
Family | AgentTesla |
If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 8_5_2021