Sunday, June 12, 2016

Samantha Gann sent you "Scan001.zip"

Samantha Gann a file with you on Dropbox

The updated agreement with AlixPartners

Scan001.zip

Download

© 2016 Dropbox

Email analysis :

NOTE : no-reply@dropbox.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : Received : from unknown (HELO NNZCABJO) (1.47.202.181)


NOTE : Samantha Gann sent you "Scan001.zip"

File analysis :

CLICK : DOWNLOAD
OPEN : https://www.cubbyusercontent.com/pl/Scan001.zip/_6ec59f8ef081469e9dba0d304a99cb9d
FILENAME : Scan001.zip
RESULT : File is a virus.

Virus analysis :

SHA256: e68dfb45eb15d675073486679ac94cac1788ea5c54a3e39cb9cddddaf73a179e
FILENAME : Scan001.zip
AVG : Downloader.Generic_c.ALTL
Ad-Aware : Trojan.GenericKD.3298975
AegisLab : Exploit.Script.Generic!c
Arcabit : Trojan.Generic.D32569F
Avast : Other:Malware-gen [Trj]
Avira (no cloud) : HEUR/Suspar.Gen
BitDefender : Trojan.GenericKD.3298975
DrWeb : JS.DownLoader.1225
ESET-NOD32 : JS/TrojanDownloader.Nemucod.ADU
Emsisoft : Trojan.GenericKD.3298975 (B)
F-Secure : Trojan.GenericKD.3298975
Fortinet : JS/Nemucod.ET!tr.dldr
GData : Trojan.GenericKD.3298975
Ikarus : JS.Trojan-Downloader.Rogue
K7AntiVirus : Trojan ( 004dfe6d1 )
K7GW : Trojan ( 004dfe6d1 )
Kaspersky : HEUR:Exploit.Script.Generic
McAfee : Generic.yd
McAfee-GW-Edition : Generic.yd
eScan : Trojan.GenericKD.3298975
Microsoft : TrojanDownloader:JS/Nemucod.AT
Rising : Exploit.Generic!8.3E1-aXLPd6nZxPO (Cloud)
TrendMicro : JS_NEMUCOD.QDA
TrendMicro-HouseCall : JS_NEMUCOD.QDA

Friday, November 20, 2015

PO#847419

Dear Sir,

We are leading trading company in Dubai with versatile in all products, please provide a good price as we have attach our Quotation list, time of production and delivery. Await your urgent response.

Best regards,

Karlid Jeffro
Managing Director
Tel. +971 2 587 99 84
Fax. +971 2 503 99 42
Mobil. +971 50738499
email: karlid.jeffro@***.com
Web. www.***.com
________________________________________

Main Office
Petr Services LLC
P.O.Box 96234, Abu Dhabi,U.A.E. Al Musaffah

1 attachments (total 53.9 KB)

Email analysis :

NOTE : adminstrator@mail2world.com
NOTE : X-Antiabuse : Primary Hostname - ns348250.ip-37-187-253.eu
NOTE : Return-Path : < info1@mail.com >
NOTE : X-Authenticated-Sender : ns348250.ip-37-187-253.eu: admin@gamzat.com
NOTE : X-Get-Message-Sender-Via : ns348250.ip-37-187-253.eu: authenticated_id: admin@gamzat.com
NOTE : Received : from banathi.com (HELO ns348250.ip-37-187-253.eu) (37.187.253.103)
NOTE : Received : from host81-137-244-83.in-addr.btopenworld.com
NOTE : ([81.137.244.83]:52230 helo=AC-Server.accountax.com) by ns348250.ip-37-187-253.eu
NOTE : PO#847419

Friday, July 17, 2015

Rép : Purchase Order

Good day,

I am Sandra Matinez from Garnet Chemicals Here in Tennessee Unites State. We am urgently in need of the attached product please send us more details and quote your best price of the product .

I are looking forward to your early reply.
Regards,

Regards
Sandra
Garnet Chemical
150 East 58th Street
Main Floor A+D Building - 10155
Tennessee, City, Chattanooga
Direct Mobile: +14237098388
Email: sandra.matinz@aol.com
Email: sandra.m@garnetchemicals.com

Purchase Order.ace

File analysis : Purchase Order.ace

SHA256 : ac5a73fa12ef31c352342af6fa0c1afc7b4731044d575dbbcff92a0ed00b3454
AVG : Luhe.Fiha.A
ESET-NOD32 : a variant of MSIL/Injector.KUC
Ikarus : Trojan.MSIL.Injector
Sophos : Mal/DrodAce-A

Email analysis :

NOTE : sandra.matinz@aol.com
NOTE : smatinz@hitachi-koki.com.sg
NOTE : Received : from [52.2.188.185]
NOTE : (account prohorova@wiegand-logistics.ru HELO WIN-POBK0T90HNH.ec2.internal)
NOTE : by backend12.aha.ru (CommuniGate Pro SMTP 4.3.11)
NOTE : Received : from aha.ru (backend12.aha.ru. [62.113.86.201])

Tuesday, March 10, 2015

Payment copy

Dear Sir,

As directed by my manager, attached is the proof of payment made to your account yesterday.

Thanks

Regards,
Muhammad owais
Project Manager
Al Futtaim Carillion
Mobile:056 6560544

payment receipt.html

Email analysis :

NOTE : owaisklasson@gmail.com

File analysis :

DrWeb : SCRIPT.Virus
Qihoo-360 : html.redirector.an.gen