
Thread: [Virus] New order / Delivery note for xxx / Payment reminder

  1. #431
    schara56 (Urinstein)
    Registered since: 03.08.2005
    Location: at home
    Posts: 7,259


    header:
    01: Received: from mail.ptsg.co.ID: [ID filtered]
    02: by x (Postfix) with ESMTP ID: [ID filtered]
    03: for <x>; Thu, 25 May 2017 xx:xx:xx +0200 (CEST)
    04: Received: from webmail.ptsg.co.ID: [ID filtered]
    05: (Authenticated sender: lab [at] ptsg.co.id)
    06: by mail.ptsg.co.ID: [ID filtered]
    07: Thu, 25 May 2017 xx:xx:xx +0700 (WIT)
    Attachment: New Order 00BY1621.arj
    Code:
    AegisLab 			Troj.W32.Generic!c 			20170525
    ESET-NOD32 			a variant of Win32/GenKryptik.AHTT 	20170525
    Fortinet 			W32/Generic.M!tr 			20170525
    Ikarus 				Win32.Outbreak 				20170525
    Invincea 			virtool.win32.injector.fq 		20170519
    Kaspersky 			HEUR:Trojan.Win32.Generic 		20170525
    TrendMicro-HouseCall 		Suspicious_GEN.F47V0525 		20170525
    ZoneAlarm by Check Point 	HEUR:Trojan.Win32.Generic 		20170525
    Villains who twirl their mustaches are easy to spot.
    Those who cloak themselves in good deeds are well camouflaged.

    Sokath! His eyes uncovered!

  2. #432
    schara56 (Urinstein)


    header:
    01: Received: from ns1.banglanetbd.net (ns1.banglanetbd.net [75.126.46.114])
    02: (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    03: (No client certificate requested)
    04: by x (Postfix) with ESMTPS ID: [ID filtered]
    05: for <x>; Tue, 11 Jul 2017 xx:xx:xx +0200 (CEST)
    06: Received: from toroon63-1279381429.sdsl.bell.ca ([76.65.207.181]:2870
    07: helo=dsenorthern.co.uk)
    08: by ns1.banglanetbd.net with esmtpa (Exim 4.87)
    09: (envelope-from <enquiries [at] dsenorthern.co.uk>)
    10: ID: [ID filtered]
    11: for x; Tue, 11 Jul 2017 xx:xx:xx -0500

    header:
    01: Received: from ns1.banglanetbd.net (ns1.banglanetbd.net [75.126.46.114])
    02: (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    03: (No client certificate requested)
    04: by x (Postfix) with ESMTPS ID: [ID filtered]
    05: for <x>; Tue, 11 Jul 2017 xx:xx:xx +0200 (CEST)
    06: Received: from toroon63-1279381429.sdsl.bell.ca ([76.65.207.181]:1491
    07: helo=dsenorthern.co.uk)
    08: by ns1.banglanetbd.net with esmtpa (Exim 4.87)
    09: (envelope-from <enquiries [at] dsenorthern.co.uk>)
    10: ID: [ID filtered]
    11: for x; Tue, 11 Jul 2017 xx:xx:xx -0500
    whois:https://deref-mail.com/mail/client/*schnapp*/dereferrer/?redirectUrl=
    whois:https://deref-mail.com/mail/client/*schnapp*/dereferrer/?redirectUrl=
    whois:https://deref-mail.com/mail/client/*schnapp*/dereferrer/?redirectUrl=
    whois:https://deref-mail.com/mail/client/*schnapp*/dereferrer/?redirectUrl=
    whois:https://deref-mail.com/mail/client/*schnapp*/dereferrer/?redirectUrl=
    whois:http://www.rickmers-reederei.com

    Attached is an HTML document with the following download:
    whois:http://www.crackmiata.com/z/KW128.jar

    There it then says
    This Account has been suspended.
    Contact your hosting provider for more information.
    Last edited by schara56 (11.07.2017 at 17:47)

  3. #433
    schara56 (Urinstein)


    header:
    01: Received: from mail.misc.go.th (58-97-113-102.static.asianet.co.th
    02: [58.97.113.102])
    03: (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
    04: (No client certificate requested)
    05: by x (Postfix) with ESMTPS ID: [ID filtered]
    06: for <x>; Sat, 29 Jul 2017 xx:xx:xx +0200 (CEST)
    07: Received: from postoffice.com (unknown [84.38.130.246])
    08: (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    09: (No client certificate requested)
    10: by mail.misc.go.th (Postfix) with ESMTPSA ID: [ID filtered]
    11: for <x>; Fri, 28 Jul 2017 xx:xx:xx +0700 (ICT)
    Server Message

    *Dear ***schnapp**

    Our record indicates that you recently made a request to shutdown your email
    account(**schnapp**). And this request will be processed shortly.

    If this request was made accidentally and you have no knowledge of it, you are
    advised to cancel the request now

    Cancel De-activation whois:http://smpeducation.com/test/crypt/index.html?email=%0%>

    However, if you do not cancel this request, your account will be shutdown
    shortly and all your email data will be lost permanently.

    Regards.
    *Email Administrator*

    --------------------------------------------------------------------------------

    This message is auto-generated from E-mail security server, and replies sent to
    this email can not be delivered.
    This email is meant for: **schnapp**

  4. #434
    schara56 (Urinstein)


    header:
    01: Received: from lserver228.megavelocity.net (lserver228.megavelocity.net
    02: [205.204.76.173])
    03: (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    04: (No client certificate requested)
    05: by x (Postfix) with ESMTPS ID: [ID filtered]
    06: for <x>; Sun, 30 Jul 2017 xx:xx:xx +0200 (CEST)
    07: Received: from [162.248.244.226] (port=25762)
    08: by lserver228.megavelocity.net with esmtpa (Exim 4.89)
    09: (envelope-from <shanti [at] swiftcargo.com>)
    10: ID: [ID filtered]
    Dear Sir,

    Attn : All


    Please note that they have provided shipment Billing Details at the time
    So see enclosed/Attached file BL Draft, Also if GST Registration details are provided, All you will fine as per attached .
    please freview attached and forward the same soon to ensure Hassle Free BL release and to provide Invoices on time.

    Please note that we will be able to amend any request for change of Customer Name, Address, GSTIN, etc, on the Invoice.

    Thanks & Regards,
    S* N*
    Asst Manager- Customer Service


    Gundecha Onclave, 3C2 C Wing,
    Kherani Road, Saki Naka
    Andheri (East),
    Mumbai 400072
    Attached is an "AGP MOSAIC FANTIN SHIP CAG LOTSMV SAILING.r11" with the following content:
    https://www.virustotal.com/de/file/e...cfe6/analysis/

  5. #435
    schara56 (Urinstein)


    header:
    01: Received: from qoa-mxgw.safaricombusiness.co.ke (posta.safaricombusiness.co.ke
    02: [197.248.254.164])
    03: by x (Postfix) with ESMTP ID: [ID filtered]
    04: for <x>; Tue, 1 Aug 2017 xx:xx:xx +0200 (CEST)
    05: X-IronPort-AV: E=Sophos;i="5.39,386,1493683200";
    06: d="scan'208,217";a="1713868"
    07: Received: from host24.safaricombusiness.co.ke ([197.248.5.24])
    08: by qoa-mxgw.safaricombusiness.co.ke with ESMTP; 01 Aug 2017 xx:xx:xx +0300
    09: Received: from [::1] (port=45453 helo=host24.safaricombusiness.co.ke)
    10: by host24.safaricombusiness.co.ke with esmtpa (Exim 4.89)
    11: (envelope-from <emailteamsarah007 [at] gmail.com>)
    12: ID: [ID filtered]
    Email De-Activation

    DEAR EMAIL USER

    Our Data Base shows a shutdown request made by you to our technical team
    asking us to immediately shut down your E-mail account. This request
    will be processed shortly.

    If this request was made accidentally or you have no knowledge of it,
    you are advised to undo De-Activation now.

    Undo De-Activation [1]

    Note: if you do not Undo this request, your account will be disabled
    shortly and all your email data will be lost permanently.

    Regards.
    E-MAIL SERVICES.

    -------------------------

    This message is auto-generated from E-mail security server, and replies
    sent to this email can not be delivered.
    This email is meant for our Email subscriber only.



    Links:
    ------
    [1] whois:https://dashingboutique.in/pp/crypt/index.html

  6. #436
    schara56 (Urinstein)


    header:
    01: Received: from lynxauto_1.norjac.co.uk (host81-136-165-69.in-addr.btopenworld.com
    02: [81.136.165.69])
    03: by x (Postfix) with ESMTP ID: [ID filtered]
    04: for <x>; Mon, 7 Aug 2017 xx:xx:xx +0200 (CEST)
    05: Received: from IP-220-69.dataclub.biz ([46.183.220.69]) by
    06: lynxauto_1.norjac.co.uk with Microsoft SMTPSVC(6.0.3790.3959);
    07: Mon, 7 Aug 2017 xx:xx:xx +0100
    Server Message

    Dear x Our record indicates that you recently made a request to shutdown your email (x). And this request will be processed shortly. If this request was made accidentally and you have no knowledge of it, you are advised to cancel the request now

    Cancel De-activation

    However, if you do not cancel this request, the your account will be shutdown shortly
    and all your email data will be lost permanently. Regards.
    Email Administrator

    This message is auto-generated from E-mail security server, and replies sent to this email can not be delivered.
    This email is meant for: x
    whois:http://www.pustaka.uninus.ac.id/Wp-manager/Domain/crypt/index.html?userid=3D*schnapp* (whois:103.28.12.77)
