(1)
Sender ip | 81.1.11.121 |
From | "Contabilidad Aux" |
Subject | "Outstanding Payment" |
Attachment | "Outstanding Payments.img" |
MD5 | 5083b82aadd8093824ffb240ad814553 |
SHA256 | ba966be275e4b3473d0fb947fe795f1e7a80ba7ad13b10f6bf5f48872c3b7920 |
Family | Loki |
(2)
Sender ip | 45.137.22.37 |
From | 155.94.136.153 |
Subject | "BQ/2021/PROC/MB-06-07" |
Attachment | "quote_06-07.zip" |
MD5 | 5b1aad08ce2c6b664b5ed0a76abd1e0f |
SHA256 | 32d624a2598e72f5120887240867fd6f35faa7e8ed04adb232c37a0ca0498650 |
Family | AgentTesla |
If you want to know how to analyze AgentTesla malware, you can check my analysis on YouTube: AgentTesla.
(3)
Sender ip | 193.201.172.120 |
From | "DHL Express Delivery Services" <[email protected]>" |
Subject | "Your package has been returned to the sender." |
Attachment | "PcLjY.xlsm" |
MD5 | 147418dcb1b8dfd98570cca5ba60b0c8 |
SHA256 | 943e042a068c9c079f94ba50ed5e769ff959f79cbcf6dea8d9b09f0a388a0d28 |
Family | Unknown |
(4)
Sender ip | 64.44.139.163 |
From | "FORTUNE STAR SHIPPING PTE LTD<[email protected]>" |
Subject | "MV XIN HAI TONG23 - AGENT NOMINATION / PDA REQUEST" |
Attachment | "MASTER CONTACT DETAILS.rar" |
MD5 | 97ee77d34e27fc891934d0ceda085a29 |
SHA256 | 9b535df4412e9df0e5e9b1a76f64a2f977ec3ab8a59abcc77dbd95e562012992 |
Family | AgentTesla |
(5)
Sender ip | 185.222.58.158 |
From | "TNT EXPRESS INC <[email protected]>" |
Subject | "RE:**TOP URGENT** Consignment Notification: You have A Package With Us" |
Attachment | "Consignment Document.pdf.rar" |
MD5 | 96aca8bae54d2bebff8672a396e25b60 |
SHA256 | 216db56b88f1aa79e283a6d94ab8279464eb2d1646952bfce59051c57028f925 |
Family | AgentTesla |
(6)
Sender ip | 103.232.53.200 |
From | "Sales Department <[email protected]>" |
Subject | "RFQ: Pattern quotation 5638044" |
Attachment | "387-3703_drw - PRODUCTION-pdf.gz" |
MD5 | cf8c70f20e71f91389ab45d46a7fc576 |
SHA256 | b4bdffe4d750442723727823a4efd9e0c9f048dde37c127d144e33de96c6af7b |
Family | AgentTesla |
(7)
Sender ip | 185.222.58.149 |
From | "Katrina Payne<[email protected]>" |
Subject | "RE:REMITTANCE ADVICE (Balance Payment_Y/ref Invoice No. 309320_ EK (URGENT!)" |
Attachment | "Invoice No. 309320.zip" |
MD5 | f6caf58b4b4df91e45db5f938cb96573 |
SHA256 | 2d2c4e635a371703010f38a45110fb8b52fe50eb02d9469f8dac7686e7b2feb8 |
Family | AgentTesla |
(8)
Sender ip | 185.25.20.204 |
From | |
Subject | "Re: Purchase Order Confirmation" |
Attachment | "Purchase Order(1).zip" |
MD5 | 9d62a1d2e21498afe9032e6cb2cb4c8c |
SHA256 | 4ba2e9dac0846744d8dd87a996f08d7c2c98fca542a9d309a2b3d0feceb5f1c1 |
Family | NanoCore |
If you want to know how to analyze NanoCore malware, you can check my analysis on YouTube: NanoCore.
(9)
Sender ip | 142.93.99.134 |
From | "Mazen Jaber <[email protected]>" |
Subject | "Urgent!!! Our Payment (39.750,00 USD)" |
Attachment | "Bank TT Copy.iso" |
MD5 | e606dc50102a6aab21586c81682b5c2d |
SHA256 | 034f770796527674a91815023e4bf24699a8ca31efe6a2349188af32e6e67060 |
Family | AgentTesla |
(10)
Sender ip | 172.106.111.237 |
From | |
Subject | "Price Inquiry For New Order" |
Attachment | "HTG-85709411.zip" |
MD5 | ec6176b63930d4cabb830b0fed756a27 |
SHA256 | f1cf481293021853559f52a79686ed190b1defbae9dbd49a77cbef05b49cb434 |
Family | AgentTesla |
(11)
Sender ip | 185.222.58.149 |
From | "baylee.zhan<[email protected]>" |
Subject | "=?UTF-8?B?UkU6IEFTUMSwTMSwQyAtIExJTkNPIFNQQVJFIFBBUlRTIE9GRkVSIC0gQVdBIFRvcmJlbiBBLiAtIDIwMDc3MTYy?=" |
Attachment | "QUOTATION.zip" |
MD5 | 6fd8ca7a49c30003d79cc51ad810bd83 |
SHA256 | 3b0be818ec1f4cc95a228e8d4104a0e957680931647d2a0255f1b67f7be29118 |
Family | Unknown |
(12)
Sender ip | 185.222.58.149 |
From | "dtaylor"<[email protected]>" |
Subject | "RE: SOA" |
Attachment | "SOA.rar.zip" |
MD5 | 5c09a4eb1d7526b739046c08989be4c4 |
SHA256 | 750ef49a08599d7405e81b958fbe7ab6c1f5df0481a5109e6992b533fe93b1c0 |
Family | AgentTesla |
(13)
Sender ip | 103.232.53.200 |
From | "Accounts Payables" <[email protected]>" |
Subject | "Aw: Purchase Order 5638044" |
Attachment | "PO210530_332641-pdf.gz" |
MD5 | b3582752b61544543d331f8303b21983 |
SHA256 | b9a309747689d681c054b500e7a75ee5080daae1795dedd7bdeb58968d37c42f |
Family | Unknown |
If you want to learn malware analysis, you can check my YouTube channel, where I try to publish malware analyses and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥
YouTube channel
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
Article Link: Phishing Attacks 8_6_2021