Phishing Attacks 8_6_2021

 





(1)

Sender ip

81.1.11.121

From

"Contabilidad Aux"

Subject

"Outstanding Payment"

Attachment

"Outstanding Payments.img"

MD5

5083b82aadd8093824ffb240ad814553

SHA256

ba966be275e4b3473d0fb947fe795f1e7a80ba7ad13b10f6bf5f48872c3b7920

Family

Loki

 


(2)

Sender ip

45.137.22.37

From

155.94.136.153

Subject

"BQ/2021/PROC/MB-06-07"

Attachment

"quote_06-07.zip"

MD5

5b1aad08ce2c6b664b5ed0a76abd1e0f

SHA256

32d624a2598e72f5120887240867fd6f35faa7e8ed04adb232c37a0ca0498650

Family

AgentTesla

    If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(3)

 

Sender ip

193.201.172.120

From

"DHL Express Delivery Services" <[email protected]>"

Subject

"Your package has been returned to the sender."

Attachment

"PcLjY.xlsm"

MD5

147418dcb1b8dfd98570cca5ba60b0c8

SHA256

943e042a068c9c079f94ba50ed5e769ff959f79cbcf6dea8d9b09f0a388a0d28

Family

Unknown

 


(4)

 

Sender ip

64.44.139.163

From

"FORTUNE STAR SHIPPING PTE LTD<[email protected]>"

Subject

"MV XIN HAI TONG23 - AGENT NOMINATION / PDA REQUEST"

Attachment

"MASTER CONTACT DETAILS.rar"

MD5

97ee77d34e27fc891934d0ceda085a29

SHA256

9b535df4412e9df0e5e9b1a76f64a2f977ec3ab8a59abcc77dbd95e562012992

Family

AgentTesla

  If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(5)

Sender ip

185.222.58.158

From

"TNT EXPRESS INC <[email protected]>"

Subject

"RE:**TOP URGENT** Consignment Notification: You have A Package With Us"

Attachment

"Consignment Document.pdf.rar"

MD5

96aca8bae54d2bebff8672a396e25b60

SHA256

216db56b88f1aa79e283a6d94ab8279464eb2d1646952bfce59051c57028f925

Family

AgentTesla

  If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(6)

Sender ip

103.232.53.200

From

"Sales Department <[email protected]>"

Subject

"RFQ: Pattern quotation 5638044"

Attachment

"387-3703_drw - PRODUCTION-pdf.gz"

MD5

cf8c70f20e71f91389ab45d46a7fc576

SHA256

b4bdffe4d750442723727823a4efd9e0c9f048dde37c127d144e33de96c6af7b

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(7)

Sender ip

185.222.58.149

From

"Katrina Payne<[email protected]>"

Subject

"RE:REMITTANCE ADVICE (Balance Payment_Y/ref Invoice No. 309320_ EK (URGENT!)"

Attachment

"Invoice No. 309320.zip"

MD5

f6caf58b4b4df91e45db5f938cb96573

SHA256

2d2c4e635a371703010f38a45110fb8b52fe50eb02d9469f8dac7686e7b2feb8

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(8)

Sender ip

185.25.20.204

From

"[email protected]"

Subject

"Re: Purchase Order Confirmation"

Attachment

"Purchase Order(1).zip"

MD5

9d62a1d2e21498afe9032e6cb2cb4c8c

SHA256

4ba2e9dac0846744d8dd87a996f08d7c2c98fca542a9d309a2b3d0feceb5f1c1

Family

NanoCore

If you wanna know how to analysis NanoCore Malware you can check my analysis in YouTube  NanoCore.. 


(9)

Sender ip

142.93.99.134

From

"Mazen Jaber <[email protected]>"

Subject

"Urgent!!! Our Payment (39.750,00 USD)"

Attachment

"Bank TT Copy.iso"

MD5

e606dc50102a6aab21586c81682b5c2d

SHA256

034f770796527674a91815023e4bf24699a8ca31efe6a2349188af32e6e67060

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(10)

Sender ip

172.106.111.237

From

"b[email protected]"

Subject

"Price Inquiry For New Order"

Attachment

"HTG-85709411.zip"

MD5

ec6176b63930d4cabb830b0fed756a27

SHA256

f1cf481293021853559f52a79686ed190b1defbae9dbd49a77cbef05b49cb434

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(11)

Sender ip

185.222.58.149

From

"baylee.zhan<[email protected]>"

Subject

"=?UTF-8?B?UkU6IEFTUMSwTMSwQyAtIExJTkNPIFNQQVJFIFBBUlRTIE9GRkVSIC0gQVdBIFRvcmJlbiBBLiAtIDIwMDc3MTYy?="

Attachment

"QUOTATION.zip"

MD5

6fd8ca7a49c30003d79cc51ad810bd83

SHA256

3b0be818ec1f4cc95a228e8d4104a0e957680931647d2a0255f1b67f7be29118

Family

Unknown


(12)

Sender ip

185.222.58.149

From

"dtaylor"<[email protected]>"

Subject

"RE: SOA"

Attachment

"SOA.rar.zip"

MD5

5c09a4eb1d7526b739046c08989be4c4

SHA256

750ef49a08599d7405e81b958fbe7ab6c1f5df0481a5109e6992b533fe93b1c0

Family

AgentTesla

 If you wanna know how to analysis AgentTesla Malware you can check my analysis in YouTube  AgentTesla.

(13)

Sender ip

103.232.53.200

From

"Accounts Payables" <[email protected]>"

Subject

"Aw: Purchase Order 5638044"

Attachment

"PO210530_332641-pdf.gz"

MD5

b3582752b61544543d331f8303b21983

SHA256

b9a309747689d681c054b500e7a75ee5080daae1795dedd7bdeb58968d37c42f

Family

Unknown



If you wanna learn malware analysis you can check my YouTube channel I'm trying publish analysis of malware and some methods to analysis malwares.
Please don't forgot subscribe my channel Thank you ♥  

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA


Article Link: Phishing Attacks 8_6_2021