Payment slip (boleto) for order: 00197742
Dear customer
Please be informed that the invoice due on 05/07 in the amount of R$2.554,07 has not been paid.
Download the updated duplicate copy of the invoice for payment.
Download updated boleto
We await payment of the boleto. Failure to pay the agreement within the established deadlines
will incur a fine and late-payment interest of 0,5% (half a percent) per day.
Sincerely.
Aldo A. Silva
Finance Department.
Alfa finaceira Ltda
CNPJ: 61.198.164/0001-60
ref: 933170
Virus analysis
CLICK : Download updated boleto
OPEN : http://bit.ly/1e0X1SA
DOWNLOAD FILE : Documento_N_908301238HAK38-31.zip
SHA256 : 50fb97d11dc2dfd85ebf2242aa8919829ac955906094f1868d13dadabda45ffe
Avast : Win32:Malware-gen
Baidu-International : Trojan.Win32.Downloader.aa
DrWeb : Trojan.MulDrop5.63051
Kaspersky : HEUR:Trojan-Downloader.Win32.Generic
Sophos : Mal/BredoZp-B
Email analysis :
NOTE : melissa.santana@trifil.com.br
NOTE : Received : from vps2477.vpsunit.com (83.125.87.89)
NOTE : 83.125.87.89 (vps2477.vpsunit.com)
Friday, July 17, 2015
Rép : Purchase Order
Good day,
I am Sandra Matinez from Garnet Chemicals Here in Tennessee Unites State. We am urgently in need of the attached product please send us more details and quote your best price of the product .
I are looking forward to your early reply.
Regards,
Regards
Sandra
Garnet Chemical
150 East 58th Street
Main Floor A+D Building - 10155
Tennessee, City, Chattanooga
Direct Mobile: +14237098388
Email: sandra.matinz@aol.com
Email: sandra.m@garnetchemicals.com
Purchase Order.ace
File analysis : Purchase Order.ace
SHA256 : ac5a73fa12ef31c352342af6fa0c1afc7b4731044d575dbbcff92a0ed00b3454
AVG : Luhe.Fiha.A
ESET-NOD32 : a variant of MSIL/Injector.KUC
Ikarus : Trojan.MSIL.Injector
Sophos : Mal/DrodAce-A
Email analysis :
NOTE : sandra.matinz@aol.com
NOTE : smatinz@hitachi-koki.com.sg
NOTE : Received : from [52.2.188.185]
NOTE : (account prohorova@wiegand-logistics.ru HELO WIN-POBK0T90HNH.ec2.internal)
NOTE : by backend12.aha.ru (CommuniGate Pro SMTP 4.3.11)
NOTE : Received : from aha.ru (backend12.aha.ru. [62.113.86.201])
Thursday, July 9, 2015
Invoice no. 87/48/00220, BRIANT
Hello,
you are seeing Morad at the end of the day, but just in case,
here are the updated invoices,
invoices No. 6 for the PP and the villa floor, and the invoice for the paintwork. Have a very good end of the day,
Chadwick BRIANT
87_48_00220.doc
File analysis :
OPEN : 87_48_00220.doc
RESULT 87_48_00220.doc is a virus.
Email analysis :
NOTE : Received : from 401mac.401trucksource.com (207.54.122.181)
NOTE : chadwickbriantsu@401mac.401trucksource.com
NOTE : TCMime 1.0 by Tencent
NOTE : QQMail 2.x
NOTE : X-Originating-Ip : 207.54.122.181
Virus analysis :
File : 87_48_00220.doc
SHA256 : a912466c03f5cea660b98468277f01fc66492a4dee7c014f15cfa5508312db29
AVG : Generic13_c.AEAY
Arcabit : HEUR.VBA.Trojan
Avast : Other:Malware-gen [Trj]
Avira : W97M/Agent.18522
BitDefender : Trojan.Doc.Downloader.DW
DrWeb : VBS.Dropper.61
Emsisoft : Trojan.Doc.Downloader.DW (B)
F-Secure : Trojan.Doc.Downloader.DW
Fortinet : WM/Agent!tr
GData : Trojan.Doc.Downloader.DW
Kaspersky : Trojan-Downloader.MSWord.Agent.oc
McAfee : W97M/Downloader.ajz
MicroWorld-eScan : Trojan.Doc.Downloader.DW
Microsoft : TrojanDownloader:W97M/Adnel
Sophos : Troj/DocDl-TF
Symantec : W97M.Downloader
TrendMicro : W2KM_BA.AB553B8F
TrendMicro-HouseCall : W2KM_BA.AB553B8F
Monday, July 6, 2015
revised order ( Virus )
Dear Sir,
Attach is our revised order, Waiting for your invoice
Thank you.
Ahmed Ragheb
Assad Business LLC
Tel:86-22-28246951
Download
File analysis :
CLICK : Download
OPEN : http://ge.tt/api/1/files/649DtgJ2/0/blob?download
DOWNLOAD : Revised Order..........rar
CONCLUSION : This is a virus.
Virus analysis :
SHA256: 6c6ff658c9a8c574898c139d40069db25e2f3377615269e35ae29ee3d2a17db5
AVG : MSIL8.APEG
Ad-Aware : Gen:Heur.MSIL.Androm.10
Arcabit : Trojan.MSIL.Androm.10
Avast : Win32:Malware-gen
Avira : TR/Dropper.MSIL.52174
BitDefender : Gen:Heur.MSIL.Androm.10
DrWeb : Trojan.DownLoader14.27222
ESET-NOD32 : a variant of MSIL/Injector.KNB
Emsisoft : Gen:Heur.MSIL.Androm.10 (B)
F-Secure : Gen:Heur.MSIL.Androm.10
GData : Win32.Trojan-Dropper.Agent.GP
Kaspersky : Trojan.MSIL.Inject.ccfx
Malwarebytes : Spyware.Password
McAfee : Dropper-FOC!BABC3B054967
MicroWorld-eScan : Gen:Heur.MSIL.Androm.10
Panda : Generic Suspicious 20150705
Sophos : Mal/MSIL-OY
Symantec : Suspicious.Cloud.5
TrendMicro : HEUR_NAMETRICK.B
TrendMicro-HouseCall : TROJ_GE.FE94127C
Email analysis :
NOTE : md.hashem2012@gmail.com
NOTE : Received : by 10.194.125.14 with HTTP
Thursday, July 2, 2015
Service Invoice 29/06.
Electronic Service Invoice
-------------------------
Series: 003
Number: 000.017.161
Issue date: 29/06/2015
Access key: View
Authorization-of-use protocol number: 1311310426761090
----------------------------------------
ROD FERNÃO DIAS, S/N, S/N - KM 813
CRUZ ALTA,
CEP: 37550-000 PHONE: 3538298009
Virus Analysis :
NOTE : http://bit.ly/1NunmVk
NOTE : https://www.dropbox.com/s/kdp46m0rc2hjild/NFSe.0187317HA7Y3HA713123.rar?dl=1
Email analysis :
NOTE : renata.seixas@aggreko.com.br
NOTE : Received : from vps2370.vpsunit.com (83.125.87.20)
NOTE : Received : by vps2370.vpsunit.com
Monday, June 15, 2015
My Resume
Hey.
I saw your business today Fri, 12 Jun 2015 and found it very interesting. I was hoping there was any possibility of internship, just to prove my competence. As you will see in my attached CV, I am very qualified and have a very sweeping experience in this line of employment. I am confident it will be worth your time reading it, and I am even more confident you will find me very suitable in your company.
Please see my attached CV.
I'm very much looking forward to hearing from you.
Respectfully,
Gail Kosyla
My_Resume_2426.doc
Email analysis :
NOTE : rafaellostirling@yahoo.com
NOTE : client-ip=67.195.87.25;
File analysis :
My_Resume_2426.doc is a virus.
Virus analysis :
CAT-QuickHeal : O97M.Dropper.BR
ESET-NOD32 : VBA/TrojanDownloader.Agent.UK
Fortinet : WM/Agent!tr
GData : Macro.Trojan.Agent.O2LT4A
Ikarus : Trojan-Downloader.VBA.Agent
NANO-Antivirus : Trojan.Script.Agent.dslepx
Sophos : Troj/DocDl-QT
Symantec : W97M.Downloader
TrendMicro : W2KM_DLOADER.HB
TrendMicro-HouseCall : Suspicious_GEN.F47V0612
Monday, June 8, 2015
PACKAGING PURCHASES
Hello,
Please find attached the invoice that has been awaiting payment since September, in the amount of 1927.80 €.
Could you please take care of it ASAP.
Stella Tryba
PACKAGING PURCHASES
147C_553956074A.doc
Email analysis :
NOTE : StellaTrybams@mail1.zhr.cz
NOTE : Received : from mail1.zhr.cz (77.48.20.246)
NOTE : X-Mozilla-Draft-Info : internal/draft; vcard=0; receipt=0; DSN=0; uuencode=0; attachmentreminder=0
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
File analysis :
NOTE : OPEN : 147C_553956074A.doc
RESULT : VIRUS
Virus analysis :
Arcabit : HEUR.VBA.Trojan
Wednesday, May 27, 2015
Rép :Re:Re:NEW ORDER (Virus)
l have checked and back to you again, please check the attached Purchase Order and see the products and quantities WE needs and quote your best price by issuing us price list and Perform Invoice accordingly.you will see the specific brand,description of the product we want your company to supply to us. We expect to hear from you shortly to enable us set with the purchase arrangement/agreement once the price is competitive and we get your assurance on the quality of the products.
Your early reply is highly appreciated.
Thank You !
Regards
Mis.July Doin
Vice General Manager
---------------------------------------------------------
Purchasing Manager
Addweden Svenska SAP
Svenska AB 151 D Zip Code:55652
Tel:46-858-780000/Fax:46-858-780001
Email:julydoin1@hotmail.com
Email analysis :
NOTE : Julydoin@hotmail.com
NOTE : royalbankofscotlandn@gmail.com
Virus analysis :
SHA256: 64d7f46ef678cb27e60a7992be9f5095eb5b61b959a16d4cb9441757349fba11
FILENAME : NEW ORDER.ace
==================================
AVG : MSIL2.BGGQ
Ad-Aware : Gen:Variant.Kazy.263448
Avast : MSIL:GenMalicious-RW [Trj]
Avira : TR/Meredrop.EB.1
BitDefender : Gen:Variant.Kazy.263448
ESET-NOD32 : a variant of MSIL/Injector.BYE
Emsisoft : Gen:Variant.Kazy.263448 (B)
F-Secure : Gen:Variant.Kazy.263448
GData : Gen:Variant.Kazy.263448
Ikarus : Backdoor.Androm
Kaspersky : Trojan-Dropper.Win32.Sysn.aweg
MicroWorld-eScan : Gen:Variant.Kazy.263448
Panda : Generic Malware
Sophos : Mal/DrodAce-A
==================================
Thursday, May 21, 2015
Invoices
Please review the attached invoices and pay them at your earliest convenience. Feel free to contact us if you have any questions.
Thank you.
Email analysis :
NOTE : application@hmrc.gov.uk
NOTE : soundesti7@compufort.com
NOTE : Received : from [110.120.202.131]
NOTE : (port=19367 helo=[192.168.4.77])
NOTE : by 69.3.15.254
Virus analysis :
AVG : FakeAlert
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2427700
Avast : Win32:Trojan-gen
Avira : TR/Crypt.Xpack.230760
Baidu-International : Trojan.Win32.BitWall.ia
BitDefender : Trojan.GenericKD.2427700
Cyren : W32/Trojan.RXVE-1253
DrWeb : Trojan.Click3.12191
ESET-NOD32 : Win32/TrojanDownloader.Agent.BEL
Emsisoft : Trojan.GenericKD.2427700 (B)
F-Prot : W32/Trojan3.PUX
F-Secure : Trojan.GenericKD.2427700
GData : Trojan.GenericKD.2427700
Ikarus : Trojan.Crypt
K7AntiVirus : Trojan ( 7000000c1 )
K7GW : Trojan ( 700001211 )
Kaspersky : Trojan-Spy.Win32.BitWall.ia
Malwarebytes : Trojan.Upatre.DG
McAfee : Downloader-FAUU!06DC3128D83A
McAfee-GW-Edition : New Malware.jj
MicroWorld-eScan : Trojan.GenericKD.2427700
Microsoft : TrojanDownloader:Win32/Ruckguv.A
Panda : Trj/Chgt.O
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Invo-Zip
Symantec : Infostealer.Limitail
Tencent : Win32.Trojan.Fakedoc.Auto
TrendMicro : TROJ_DLOADR.DYR
TrendMicro-HouseCall : Suspicious_GEN.F47V0520
VIPRE : Win32.Malware!Drop
ViRobot : Backdoor.Win32.S.Agent.52736.AF[h]
nProtect : Trojan.GenericKD.2427700
Tuesday, May 12, 2015
My Resume
Hey there,
I saw your website today Tue, 12 May 2015 and im really hoping there is a opening or other possibility to get a chance to prove my competence.
As you will see in my resume I have a broad experience and knowledge in this line of work and im confident it will be worth your time reading it.
I am excited to hearing from you.
Please see my attached CV.
Best regards,
James Hattersley
Sent from my iPhone
Email analysis :
NOTE : any_montes73141@yahoo.com
NOTE : X-Yahoo-Newman-Property : ymail-4
NOTE : X-Mailer : iPhone Mail (9A405)
Virus analysis :
Open : CV_14131.doc
Check : This file is a virus.
AVware : LooksLike.Macro.Downloader.a (v)
Avast : Other:Malware-gen [Trj]
CAT-QuickHeal : O97M.Dropper.FK
ESET-NOD32 : VBA/TrojanDownloader.Agent.PP
Fortinet : WM/Agent!tr
GData : Macro.Trojan.Agent.22MP55
Ikarus : Trojan-Downloader.VBA.Agent
McAfee : W97M/Downloader.afs
McAfee-GW-Edition : W97M/Downloader.afs
Microsoft : TrojanDownloader:O97M/Donoff.gen!C
Sophos : Mal/DocDl-E
Symantec : W97M.Downloader
Tencent : Win32.Trojan-downloader.Agent.Efkp
TrendMicro-HouseCall : Suspicious_GEN.F47V0511
VIPRE : LooksLike.Macro.Downloader.a (v)
Tuesday, April 21, 2015
Hola my photo (Virus)
hola my new photo , send u photo
my_new_photo837847238947238947238472398.zip
Virus analysis :
Qihoo-360 : HEUR/QVM10.1.Malware.Gen
Sophos : Mal/Generic-S
Email analysis :
NOTE : hoeno0@networkadvertising.org
NOTE : Received : from [205.11.98.44] (helo=fklgamr.xvlhelxpewb.com)
NOTE : by with esmtpa (Exim 4.69) (envelope-from)
Thursday, April 16, 2015
Scanned Image from a Xerox WorkCentre (Virus)
Please open the attached document. It was scanned and sent to you using a Xerox WorkCentre Pro.
Sent by: ***
Number of Images: 4
Attachment File Type: ZIP [PDF]
File Name: Scan001_1257165_041.zip
WorkCentre Pro Location: Machine location not set
Device Name: ***.com
Attached file is scanned image in PDF format.
Adobe(R)Reader(R) can be downloaded from the following URL: http://www.adobe.com/
Email analysis :
NOTE : teg5@qmail.org
NOTE : Xerox.437@***
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Received : from 70.43.79.186.nw.nuvox.net (70.43.79.186)
File analysis :
ALYac : Trojan.GenericKD.2294006
AVG : Crypt4.NUT
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2294006
Antiy-AVL : Trojan[Downloader]/Win32.Upatre
Avast : Win32:Trojan-gen
Avira : TR/Crypt.Xpack.186216
Baidu-International : Trojan.Win32.Upatre.vxw
BitDefender : Trojan.GenericKD.2294006
CAT-QuickHeal : TrojanDownloader.Upatre.r5
CMC : Packed.Win32.Obfuscated.10!O
Cyren : W32/Trojan.IYUD-8977
DrWeb : Trojan.DownLoader12.60119
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2294006 (B)
F-Prot : W32/Trojan3.OVQ
F-Secure : Trojan.GenericKD.2294006
Fortinet : W32/Waski.F!tr.dldr
GData : Trojan.GenericKD.2294006
Ikarus : Trojan-Downloader.Win32.Waski
K7AntiVirus : Trojan-Downloader ( 0049d22b1 )
K7GW : Trojan-Downloader ( 0049d22b1 )
Kaspersky : Trojan-Downloader.Win32.Upatre.vxw
Malwarebytes : Trojan.Upatre.Gen
McAfee : RDN/Generic.bfr!ih
McAfee-GW-Edition : RDN/Generic.bfr!ih
MicroWorld-eScan : Trojan.GenericKD.2294006
Microsoft : TrojanDownloader:Win32/Upatre.BC
NANO-Antivirus : Trojan.Win32.Upatre.dqmduh
Norman : Troj_Generic_2.A
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Mal/Upatre-R
Symantec : Downloader.Upatre
Tencent : Win32.Trojan.Downloader-pdf.Auto
TrendMicro : TROJ_UPATRE.CUB
TrendMicro-HouseCall : Suspicious_GEN.F47V0413
VIPRE : Win32.Malware!Drop
ViRobot : Trojan.Win32.Agent.45568.JQ[h]
Zillya : Downloader.Upatre.Win32.22072
nProtect : Trojan.GenericKD.2294006
Thursday, April 9, 2015
NatWest Statement (Natwest Virus)
View Your March 2015 Online Financial Activity Statement
Keep track of your account with your latest Online Financial Activity Statement from NatWest Bank. It's available for you to view at this secure site. Just click to select how you would like to view your statement:
View/Download as a PDF
View all EStatements
So check out your statement right away, or at your earliest convenience.
Thank you for managing your account online.
Sincerely,
NatWest Bank
Please do not respond to this e-mail. If you have any questions about this inquiry message or your NatWest Bank Ū Merchant account, please speak to a Customer Service representative at 1-800-374-2639
NatWest Bank Customer Service Department
P.O. Box 414 | 38 Strand, WC2N 5JB, London
Copyright 2014 NatWest Company. All rights reserved.
AGNEUOMS0006001
Email analysis :
NOTE : noreply@natwest.com
NOTE : ldbsgw@brallc.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Received : from unknown (HELO IKAEMVMYO) (62.225.191.34)
Monday, March 23, 2015
FW: Important documents (Bank Of America Virus)
Cash Pro logo
Cash Pro logo
Important account documents
Reference: C85
Case number: 4690473
Please scan attached document and fax it to +1 (888) 589-3716.
Please note that the Terms and Conditions available below are the Bank's most recently issued versions. Please bear in mind that earlier versions of these Terms and Conditions may apply to your products, depending on when you signed up to the relevant product or when you were last advised of any changes to your Terms and Conditions. If you have any questions regarding which version of the Terms and Conditions apply to your products, please contact your Relationship Manager.
Yours faithfully
Signature Image
Rosalyn Chavez
Senior Manager
Bank of America Commercial Banking
Rosalyn.Chavez@bankofamerica.com
Calls may be monitored or recorded in case we need to check we have carried out your instructions correctly and to help improve our quality of service.
2014 Bank of America Corporation. All rights reserved. CashPro is a registered trademark of Bank of America Corporation.
AccountDocuments.zip
Email analysis :
NOTE : Rosalyn.Chavez@bankofamerica.com
NOTE : yvx@blaudieck.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Received : from unknown (HELO ACSKURDN) (83.231.81.43)
Virus analysis :
OPEN : AccountDocuments.zip
RESULT : AccountDocuments.zip is a VIRUS
ALYac : Trojan.GenericKD.2234787
AVG : Generic_s.ELW
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2234787
Antiy-AVL : Trojan[Downloader]/Win32.Upatre
Avast : Win32:Trojan-gen
Avira : TR/Crypt.Xpack.166918
Baidu-International : Trojan.Win32.Upatre.vlt
BitDefender : Trojan.GenericKD.2234787
CAT-QuickHeal : TrojanDownloader.Upatre.r4
ClamAV : Win.Trojan.Upatre-582
Comodo : TrojWare.Win32.UMal.~A
Cyren : W32/Trojan.ZDMF-2227
DrWeb : Trojan.DownLoad3.35985
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2234787 (B)
F-Secure : Trojan-Downloader:W32/Dalexis.B
Fortinet : W32/UPATRE.F!tr
GData : Trojan.GenericKD.2234787
Ikarus : Trojan-Downloader.Win32.Upatre
K7AntiVirus : Trojan ( 7000000c1 )
K7GW : Trojan ( 7000000c1 )
Kaspersky : Trojan-Downloader.Win32.Upatre.vlt
Malwarebytes : Trojan.Upatre
McAfee : Suspect-BW!0D6F95F76EEC
McAfee-GW-Edition : Suspect-BW!0D6F95F76EEC
MicroWorld-eScan : Trojan.GenericKD.2234787
Microsoft : TrojanDownloader:Win32/Upatre.AZ
NANO-Antivirus : Trojan.Win32.Upatre.dpimul
Norman : Upatre.FT
Panda : Trj/CI.A
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Invo-Zip
Symantec : Downloader.Upatre
Tencent : Win32.Trojan-downloader.Upatre.Hfr
TrendMicro : TROJ_UPATRE.SMNC
TrendMicro-HouseCall : Suspicious_GEN.F47V0319
VIPRE : Win32.Malware!Drop
ViRobot : Trojan.Win32.A.Downloader.28928.D[h]
nProtect : Trojan.Upatre.Gen.2
JP Morgan Access Secure Message (Virus)
Please check attached file(s) for your latest account documents regarding your online account.
Alex Puckett
Level III Account Management Officer
817-283-1539 office
817-878-6079 cell Alex.Puckett@jpmorgan.com
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE
2015 JPMorgan Chase & Co.
CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.
JP Morgan Access - Secure.zip
Email analysis :
NOTE : service@jpmorgan.com
NOTE : tenqvist@cc.oulu.fi
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Received : from 108-84-212-41.lightspeed.hstntx.sbcglobal.net (108.84.212.41)
Virus analysis :
OPEN : JP Morgan Access - Secure.zip
RESULT : JP Morgan Access - Secure.zip is a VIRUS
ALYac : Trojan.GenericKD.2234787
AVG : FakeAlert
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2234787
Antiy-AVL : Trojan[Downloader]/Win32.Upatre
Avast : Win32:Trojan-gen
Avira : TR/Crypt.Xpack.166918
Baidu-International : Trojan.Win32.Upatre.vlt
BitDefender : Trojan.GenericKD.2234787
CAT-QuickHeal : TrojanDownloader.Upatre.r4
ClamAV : Win.Trojan.Upatre-582
Comodo : UnclassifiedMalware
Cyren : W32/Trojan.ZDMF-2227
DrWeb : Trojan.DownLoad3.35985
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2234787 (B)
F-Secure : Trojan-Downloader:W32/Dalexis.B
Fortinet : W32/UPATRE.F!tr
GData : Trojan.GenericKD.2234787
Ikarus : Trojan-Downloader.Win32.Upatre
K7AntiVirus : Trojan ( 7000000c1 )
K7GW : Trojan ( 7000000c1 )
Kaspersky : Trojan-Downloader.Win32.Upatre.vlt
Malwarebytes : Trojan.Upatre
McAfee : Upatre-FAAR!05E6E33D4259
McAfee-GW-Edition : Upatre-FAAR!05E6E33D4259
MicroWorld-eScan : Trojan.GenericKD.2234787
Microsoft : TrojanDownloader:Win32/Upatre.AZ
NANO-Antivirus : Trojan.Win32.Upatre.dpimul
Norman : Upatre.FT
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Upatre-JB
Symantec : Downloader.Upatre
Tencent : Win32.Trojan-downloader.Upatre.Fhz
TrendMicro : TROJ_UPATRE.SMNC
TrendMicro-HouseCall : Suspicious_GEN.F47V0320
VIPRE : Win32.Malware!Drop
ViRobot : Trojan.Win32.A.Downloader.28928.D[h]
nProtect : Trojan.Upatre.Gen.2
Thursday, March 12, 2015
Please
Good Afternoon,
Please find attached notice regarding carriers pre-filing for an additional General Rate Increase for effective date of April 9, 2015. Please note, we are advising you of this filing in order to comply with FMC regulations. However, we feel it is unlikely that the carriers will be successful in implementing this increase, especially since the March 9th GRI has already been postponed to March 17th. We will continue to keep you updated as we receive additional information pertaining to these filed rate increases.
Phoenix Zhang-Shin
Director
P & J International Ltd
Calverley House, 55 Calverley Road
Tunbridge Wells, Kent, UK TN1 2TU
Tel: 0044 1892 525588
Fax: 0044 1892 522277
Mob: 0044 7771802252
This email and any attachments are confidential and solely for the use of the intended recipient. They may contain material protected by legal, professional or other privilege. All correspondence with and communication with us is governed by and subject to our Standard Terms and Conditions of Sale (March 2010) (Our STCs), a copy of which has been provided to you and which is available on request or on our web-site. Acknowledging receipt of and replying to this email constitutes acceptance of our STCs.
Email analysis :
NOTE : phoenix@pnjinternational.com
File analysis :
OPEN : documents-id323.zip
ANALYSIS : documents-id323.zip is a virus.
Virus analysis :
AVG : FakeAlert
Ad-Aware : Trojan.GenericKD.2214283
Avast : Win32:Malware-gen
Avira : TR/Rogue.pwsa
Baidu-International : Trojan.Win32.Waski.F
BitDefender : Trojan.GenericKD.2214283
ClamAV : Win.Trojan.Upatre-548
Comodo : UnclassifiedMalware
Cyren : W32/Trojan.OSAT-0643
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2214283 (B)
F-Prot : W32/Trojan3.OKK
Fortinet : W32/Waski.F!tr.dldr
GData : Trojan.GenericKD.2214283
Ikarus : Trojan-Downloader.Win32.Upatre
Kaspersky : Trojan-Downloader.Win32.Upatre.ffm
Malwarebytes : Trojan.Upatre.FD
McAfee : Artemis!56D11447DF79
MicroWorld-eScan : Trojan.GenericKD.2214283
Microsoft : TrojanDownloader:Win32/Upatre.AY
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Mal/EncPk-ANE
Tencent : Win32.Trojan.Downloader-pdf.Auto
VIRUS ASM
To obtain the ASM version contact me scamcz@gmail.com
Tuesday, March 10, 2015
Emailing: Serv-Ware Credit Application.pdf
--
Thanks,
Clint Winstead
Manager
Serv-Ware Products
clint@servware.com
phone: 800.768.5953
fax : 800.976.1299
www.servware.com
File analysis :
OPEN : Serv-WareCreditApplication.zip
ANALYSIS : VIRUS DETECTED.
Virus analysis :
AVG : Generic_s.EHT
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2209679
Avast : Win32:Malware-gen
Avira : TR/Rogue.1539.aia
BitDefender : Trojan.GenericKD.2209679
CAT-QuickHeal : (Suspicious) - DNAScan
Cyren : W32/Upatre.E2.gen!Eldorado
DrWeb : Trojan.Upatre.140
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2209679 (B)
F-Prot : W32/Upatre.E2.gen!Eldorado
F-Secure : Trojan.GenericKD.2209679
Fortinet : W32/Kryptik.DBDO!tr
GData : Trojan.GenericKD.2209679
Ikarus : Trojan-Downloader.Win32.Upatre
Kaspersky : Trojan-Downloader.Win32.Upatre.vjy
Malwarebytes : Trojan.Email.FakeDoc
McAfee : Upatre-FAAR!8BEDB116B2AE
MicroWorld-eScan : Trojan.GenericKD.2209679
Microsoft : TrojanDownloader:Win32/Upatre
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Agent-ALYH
Symantec : Downloader.Upatre
Tencent : Win32.Trojan.Rogue.Lnef
TrendMicro : TROJ_UP.AFEFD391
TrendMicro-HouseCall : Suspicious_GEN.F47V0309
VIPRE : Win32.Malware!Drop
ViRobot : Trojan.Win32.S.Downloader.27392.D[h]
nProtect : Trojan.GenericKD.2209679
Email analysis :
NOTE : X-Remote : 67.165.217.44 (c-67-165-217-44.hsd1.co.comcast.net)
NOTE : Return-Path : clint@servware.com
NOTE : Received : from c-67-165-217-44.hsd1.co.comcast.net
NOTE : (HELO servware.com) (67.165.217.44)
NOTE : User-Agent : Roundcube Webmail/1.1.0
NOTE : Emailing: Serv-Ware Credit Application.pdf
Sunday, March 8, 2015
HSBC Payment (Virus)
Sir/Madam
Upon your request, attached please find payment e-Advice for your reference.
HSBC
***************************************************************************
We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by e-mail or otherwise to ask you to validate personal information such as your user ID, password, or account numbers. If you receive such a request, please call our Direct Financial Services hotline.
Please do not reply to this e-mail. Should you wish to contact us, please send your e-mail to commercialbanking@hsbc.com.hk and we will respond to you.
Note: it is important that you do not provide your account or credit card numbers, or convey any confidential information or banking instructions, in your reply mail.
Copyright. The Hongkong and Shanghai Banking Corporation Limited 2015. All rights reserved.
***************************************************************************
HSBC-2739.zip
Analysis :
OPEN : HSBC-2739.zip
NOTE : HSBC-2739.zip is a virus
Virus analysis :
ALYac : Trojan.GenericKD.2203557
AVG : Generic_s.EHP
AVware : Trojan.Win32.Generic.pak!cobra
Ad-Aware : Trojan.GenericKD.2203557
Antiy-AVL : Trojan[Downloader]/Win32.Upatre
Avast : Win32:Trojan-gen
Avira : TR/Angles.24012
Baidu-International : Trojan.Win32.Upatre.vje
BitDefender : Trojan.GenericKD.2203557
ClamAV : Win.Trojan.Agent-851779
Cyren : W32/Trojan.IATT-2425
DrWeb : Trojan.Upatre.144
ESET-NOD32 : Win32/TrojanDownloader.Waski.A
Emsisoft : Trojan.GenericKD.2203557 (B)
F-Prot : W32/Trojan3.OGD
F-Secure : Trojan.GenericKD.2203557
Fortinet : W32/Upatre.VJE!tr
GData : Trojan.GenericKD.2203557
Ikarus : Trojan.Win32.Emotet
K7AntiVirus : Trojan-Downloader ( 0048f6391 )
K7GW : Trojan-Downloader ( 0048f6391 )
Kaspersky : Trojan-Downloader.Win32.Upatre.vje
Malwarebytes : Trojan.Upatre.FD
McAfee : RDN/Generic Downloader.x!mv
McAfee-GW-Edition : RDN/Generic Downloader.x!mv
MicroWorld-eScan : Trojan.GenericKD.2203557
Microsoft : TrojanDownloader:Win32/Upatre
Qihoo-360 : Win32/Trojan.d51
Sophos : Troj/Dyreza-DF
Symantec : Downloader.Upatre
TotalDefense : Win32/Tnega.fAAdaN
TrendMicro : TROJ_FR.97949EA3
TrendMicro-HouseCall : Suspicious_GEN.F47V0307
VIPRE : Trojan.Win32.Generic.pak!cobra
ViRobot : Trojan.Win32.S.Agent.29696.ASK[h]
Email analysis :
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < no-replay@hsbc.co.uk >
NOTE : X-Ovh-Remote : 221.155.165.78 ()
NOTE : User-Agent : Roundcube Webmail/1.1.0
NOTE : Received : from unknown (HELO hsbc.co.uk) (221.155.165.78)
NOTE : HSBC Payment
Thursday, March 5, 2015
Air Canada e-ticket Virus
Dear client,
Your online order has been successfully completed and your credit card has been charged.
FLIGHT NUMBER CX89014CA
DATE & TIME / MARCH 6rd , 14:15
DEPARTURE / Toronto
TOTAL PRICE / 450 CAD
The seat number and additional information regarding the flight can be found on the attached e-ticket.
Thank you for choosing Air Canada
e-ticket_79010838.doc
Virus analysis :
OPEN : e-ticket_79010838.doc
ANALYSIS :
ALYac : Trojan.Downloader.JRLZ
AVG : Generic12_c.AETQ
Ad-Aware : Trojan.Downloader.JRLZ
AhnLab-V3 : X97M/Downloader
Avast : MO97:Downloader-LX [Trj]
Avira : WM/Dldr.Agent.asdl
BitDefender : Trojan.Downloader.JRLZ
CAT-QuickHeal : W97M.Dropper.CK
Comodo : UnclassifiedMalware
Cyren : W97M/Tarbir
ESET-NOD32 : VBA/TrojanDownloader.Agent.JD
Emsisoft : Trojan.Downloader.JRLZ (B)
F-Prot : New
F-Secure : Trojan.Downloader.JRLZ
Fortinet : WM/Agent!tr
GData : Trojan.Downloader.JRLZ
Ikarus : Trojan-Downloader.VBA.Agent
Kaspersky : Trojan-Downloader.MSWord.Agent.fg
McAfee : W97M/Downloader.adx
McAfee-GW-Edition : W97M/Downloader.adx
MicroWorld-eScan : Trojan.Downloader.JRLZ
Microsoft : TrojanDownloader:O97M/Bartallex.gen
Norman : DLoader.ATMLY
Panda : W97M/Downloader
Sophos : Troj/DocDl-GF
Symantec : W97M.Downloader
TrendMicro : W2KM_BARTALEX.EU
TrendMicro-HouseCall : W2KM_BARTALEX.EU
nProtect : Trojan.Downloader.JRLZ
BBB SBQ Form #5488(Ref#83-497-0-4) (BBB VIRUS)
Thank you for supporting your Better Business Bureau (BBB).
As a service to BBB Accredited Businesses, we try to ensure that the information we provide to potential customers is as accurate as possible. In order for us to provide the correct information to the public, we ask that you review the information that we have on file for your company.
We encourage you to print this SBQ Form, answer the questions and respond to us. (Adobe PDF)
Please look carefully at your telephone and fax numbers on this sheet, and let us know any and all numbers used for your business (including 800, 900, rollover, and remote call forwarding). Our automated system is driven by telephone/fax numbers, so having accurate information is critical for consumers to find information about your business easily.
Thank you again for your support, and we look forward to receiving this updated information.
Sincerely,
Accreditation Services
SBQForm07182.zip
OPEN : SBQForm07182.zip
Virus Analysis :
OPEN : SBQForm07182.zip
RESULT :
Avast : Win32:Evo-gen [Susp]
CMC : Packed.Win32.Katusha.3!O
ESET-NOD32 : a variant of Win32/Injector.BVRZ
McAfee : Downloader-FAHF!3D0C52C03CD0
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Mal/Generic-S
Tencent : Win32.Trojan.Inject.Auto
Email analysis :
NOTE : no-replay@bbb.com
NOTE : X-Remote : 89.120.40.73 ()
NOTE : User-Agent : Roundcube Webmail/1.1.0
NOTE : Received : from unknown (HELO bbb.com) (89.120.40.73)