A partir do dia 10/08/2016, a Via Fácil realmente iniciou a aplicação de multas.
Todo motorista que passar a mais de 40 km/h receberá uma multa por excesso
de velocidade. Segundo a STP (empresa administradora), a multa do Sem Parar
é gerada pela Policia Rodoviária.
você foi multado veja abaixo copia da multa.
Download da multa aqui...
Email analysis :
NOTE : detran@drz.com.br
NOTE : Received : from unknown (HELO pc-PC)
NOTE : (menoli@drz.com.br@200.204.161.106)
NOTE : by beta.sercomtel.com.br
Link analysis :
CLICK : Download da multa aqui...
OPEN : https://tinyurl.com/j3nav3q?=visualizar/multa/10/08/2016
DOWNLOAD FILE FROM : https://dc431.4shared.com
RESULT : File is a virus.
Virus analysis :
FILENAME : Infração-de-transito-15-08-2016.rar
SHA256 : b3baf1dedb71e91ca1006d412b8ee7eb59bf6a0388bb89abd3aefc3ee0c14dd6
Ad-Aware : Gen:Variant.Symmi.60015
Arcabit : Trojan.Symmi.DEA6F
Avast : Win32:Malware-gen
Avira (no cloud) : TR/Downloader.sdtq
BitDefender : Gen:Variant.Symmi.60015
ESET-NOD32 : Win32/TrojanDownloader.Banload.XMW
Emsisoft : Gen:Variant.Symmi.60015 (B)
F-Secure : Gen:Variant.Symmi.60015
GData : Gen:Variant.Symmi.60015
Ikarus : Trojan-Downloader.Win32.Banload
K7GW : Trojan-Downloader ( 004f64451 )
Kaspersky : Trojan-Downloader.Win32.Delf.kkdi
McAfee : Artemis!383F16692822
eScan : Gen:Variant.Symmi.60015
TrendMicro : HEUR_NAMETRICK.A
TrendMicro-HouseCall : TROJ_GE.4D16FF7F
Conclusion :
Virus hosted by 4shared.com
Link to the virus hosted by tinyurl.com
Wednesday, August 17, 2016
Thursday, December 3, 2015
Rép : bill (Virus)
This bill just came through and it has your name on it.
What is this about?
bill.doc
File analysis :
OPEN : bill.doc
RESULT : bill.doc is a virus.
Virus analysis :
ALYac : Trojan.Msword.NTC
AVG : Zbot.AKEI
AVware : Trojan.Win32.Generic!BT
Ad-Aware : Trojan.Msword.NTC
AhnLab-V3 : W97M/Dropper
Antiy-AVL : Trojan[PSW]/Win32.Fareit
Arcabit : HEUR(high).VBA.Trojan
Avast : Win32:Dropper-gen [Drp]
Avira : TR/Crypt.ZPACK.217559
BitDefender : Trojan.Msword.NTC
CAT-QuickHeal : W97M.Dropper.OF
Cyren : W97M/Dropper.D.gen
DrWeb : Trojan.PWS.Stealer.4118
ESET-NOD32 : VBA/TrojanDropper.Agent.EG
Emsisoft : Trojan.Msword.NTC (B)
F-Prot : W97M/Dropper.D.gen
F-Secure : Trojan.Msword.NTC
Fortinet : WM/Agent!tr
GData : Trojan.Msword.NTC
Ikarus : Trojan.Win32.PSW
Kaspersky : Trojan-PSW.Win32.Fareit.bium
McAfee : W97M/Dropper!E6CB6F898524
McAfee-GW-Edition : W97M/Dropper!E6CB6F898524
MicroWorld-eScan : Trojan.Msword.NTC
Microsoft : TrojanDropper:O97M/Farheyt
NANO-Antivirus : Trojan.Script.MulDrop.dyxcgh
Panda : O97M/Downloader
Sophos : Troj/Vawtrak-CO
Symantec : W97M.Downloader
Tencent : Win32.Trojan-qqpass.Qqrob.Amch
TrendMicro : W2KM_FAREIT.IBI
TrendMicro-HouseCall : W2KM_FAREIT.IBI
VIPRE : Trojan.Win32.Generic!BT
nProtect : Trojan-Downloader/W97M.Iron
Email analysis :
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0)
NOTE : Gecko/20100101 Thunderbird/24.4.0
NOTE : X-Remote : 108.178.222.238 ()
NOTE : Mime-Version : 1.0
NOTE : Received : from localhost (HELO queue) (127.0.0.1)
NOTE : Rép : bill
What is this about?
bill.doc
File analysis :
OPEN : bill.doc
RESULT : bill.doc is a virus.
Virus analysis :
ALYac : Trojan.Msword.NTC
AVG : Zbot.AKEI
AVware : Trojan.Win32.Generic!BT
Ad-Aware : Trojan.Msword.NTC
AhnLab-V3 : W97M/Dropper
Antiy-AVL : Trojan[PSW]/Win32.Fareit
Arcabit : HEUR(high).VBA.Trojan
Avast : Win32:Dropper-gen [Drp]
Avira : TR/Crypt.ZPACK.217559
BitDefender : Trojan.Msword.NTC
CAT-QuickHeal : W97M.Dropper.OF
Cyren : W97M/Dropper.D.gen
DrWeb : Trojan.PWS.Stealer.4118
ESET-NOD32 : VBA/TrojanDropper.Agent.EG
Emsisoft : Trojan.Msword.NTC (B)
F-Prot : W97M/Dropper.D.gen
F-Secure : Trojan.Msword.NTC
Fortinet : WM/Agent!tr
GData : Trojan.Msword.NTC
Ikarus : Trojan.Win32.PSW
Kaspersky : Trojan-PSW.Win32.Fareit.bium
McAfee : W97M/Dropper!E6CB6F898524
McAfee-GW-Edition : W97M/Dropper!E6CB6F898524
MicroWorld-eScan : Trojan.Msword.NTC
Microsoft : TrojanDropper:O97M/Farheyt
NANO-Antivirus : Trojan.Script.MulDrop.dyxcgh
Panda : O97M/Downloader
Sophos : Troj/Vawtrak-CO
Symantec : W97M.Downloader
Tencent : Win32.Trojan-qqpass.Qqrob.Amch
TrendMicro : W2KM_FAREIT.IBI
TrendMicro-HouseCall : W2KM_FAREIT.IBI
VIPRE : Trojan.Win32.Generic!BT
nProtect : Trojan-Downloader/W97M.Iron
Email analysis :
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0)
NOTE : Gecko/20100101 Thunderbird/24.4.0
NOTE : X-Remote : 108.178.222.238 ()
NOTE : Mime-Version : 1.0
NOTE : Received : from localhost (HELO queue) (127.0.0.1)
NOTE : Rép : bill
Wednesday, December 2, 2015
Rép : New order (Virus)
GoodDay,
Find the attached specifications in the purchase order for our company end of the year sales before sending your Proforma Invoice and do get back to me with your quotations asap. An Official order placement will follow as soon as possible. But note that we have restructured the order so the first order will not exceed 20-40feet containers.
Thanks & Best Regards,
Manager Purchasing Department
Shirley Lee
TMS Titanium
HEADQUARTERS
12215 Kirkham Rd., Suite 300
Poway, CA 92064
EMAIL: sales@tmstitanium.com
SALES AND CUSTOMER SERVICE
Toll Free: (888) 748-8510
Local: (858) 748-8510
FAX
(858) 748-8526
scanned purchase order.ace
File analysis :
NOTE : Open scanned purchase order.ace
NOTE : scanned purchase order.ace is a virus.
Virus analysis :
Avast : Win32:Malware-gen
ESET-NOD32 : a variant of Win32/Injector.CNFH
GData : Archive.Trojan.Agent.14JCQ5
Ikarus : Trojan.Win32.Injector
Kaspersky : Trojan.Win32.Scarsi.aaab
Panda : Generic Suspicious
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Sophos : Mal/DrodAce-A
Email analysis :
NOTE : sales@tmstitanium.com
NOTE : SUNSHINESLISA1@YAHOO.COM
NOTE : Received : from [67.227.193.36]
NOTE : (UnknownHost [67.227.193.36]) by mail2.postbulletin.com
Find the attached specifications in the purchase order for our company end of the year sales before sending your Proforma Invoice and do get back to me with your quotations asap. An Official order placement will follow as soon as possible. But note that we have restructured the order so the first order will not exceed 20-40feet containers.
Thanks & Best Regards,
Manager Purchasing Department
Shirley Lee
TMS Titanium
HEADQUARTERS
12215 Kirkham Rd., Suite 300
Poway, CA 92064
EMAIL: sales@tmstitanium.com
SALES AND CUSTOMER SERVICE
Toll Free: (888) 748-8510
Local: (858) 748-8510
FAX
(858) 748-8526
scanned purchase order.ace
File analysis :
NOTE : Open scanned purchase order.ace
NOTE : scanned purchase order.ace is a virus.
Virus analysis :
Avast : Win32:Malware-gen
ESET-NOD32 : a variant of Win32/Injector.CNFH
GData : Archive.Trojan.Agent.14JCQ5
Ikarus : Trojan.Win32.Injector
Kaspersky : Trojan.Win32.Scarsi.aaab
Panda : Generic Suspicious
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Sophos : Mal/DrodAce-A
Email analysis :
NOTE : sales@tmstitanium.com
NOTE : SUNSHINESLISA1@YAHOO.COM
NOTE : Received : from [67.227.193.36]
NOTE : (UnknownHost [67.227.193.36]) by mail2.postbulletin.com
Wednesday, October 28, 2015
New order 1320
Dear supplier,
Please find the attached purchase order and acknowledge the receipt.
We await your response with details.
Thanks,
Monica Paquette
Purchasing Manager.
JUBAILI TRADE COMPANY.
32107 Bad Salzuflen
Germany
T: +49-5208-9102-7523
F: +49-5208-9102-9054
M: +49 151 616023605
Web: www.ararmaturen.net
PO_FY6667544pdf.ace
PO_FY6667544pdf.ace analysis :
PO_FY6667544pdf.ace is a virus.
Virus analysis :
AVG : MSIL9.XGT
Ad-Aware : Gen:Variant.Kazy.758648
Arcabit : Trojan.Kazy.DB9378
BitDefender : Gen:Variant.Kazy.758648
ESET-NOD32 : a variant of MSIL/Kryptik.DZP
Emsisoft : Gen:Variant.Kazy.758648 (B)
F-Secure : Gen:Variant.Kazy.758648
GData : Gen:Variant.Kazy.758648
Ikarus : Trojan.MSIL.Crypt
Kaspersky : Trojan.MSIL.Inject.dbmu
MicroWorld-eScan : Gen:Variant.Kazy.758648
Microsoft : Trojan:Win32/Dynamer!ac
Sophos : Mal/DrodAce-A
TrendMicro : TSPY_GOLROTED.CP
TrendMicro-HouseCall : TSPY_GOLROTED.CP
Email analysis :
NOTE : monica.p@tech-center.com
NOTE : Received : from 210.195.249.3 (klg-58-154.tm.net.my [202.188.58.154])
NOTE : by cactus4.qatar.net.qa (Oracle Communications Messaging Exchange Server)
NOTE : does not designate 82.148.101.71 as permitted sender
Please find the attached purchase order and acknowledge the receipt.
We await your response with details.
Thanks,
Monica Paquette
Purchasing Manager.
JUBAILI TRADE COMPANY.
32107 Bad Salzuflen
Germany
T: +49-5208-9102-7523
F: +49-5208-9102-9054
M: +49 151 616023605
Web: www.ararmaturen.net
PO_FY6667544pdf.ace
PO_FY6667544pdf.ace analysis :
PO_FY6667544pdf.ace is a virus.
Virus analysis :
AVG : MSIL9.XGT
Ad-Aware : Gen:Variant.Kazy.758648
Arcabit : Trojan.Kazy.DB9378
BitDefender : Gen:Variant.Kazy.758648
ESET-NOD32 : a variant of MSIL/Kryptik.DZP
Emsisoft : Gen:Variant.Kazy.758648 (B)
F-Secure : Gen:Variant.Kazy.758648
GData : Gen:Variant.Kazy.758648
Ikarus : Trojan.MSIL.Crypt
Kaspersky : Trojan.MSIL.Inject.dbmu
MicroWorld-eScan : Gen:Variant.Kazy.758648
Microsoft : Trojan:Win32/Dynamer!ac
Sophos : Mal/DrodAce-A
TrendMicro : TSPY_GOLROTED.CP
TrendMicro-HouseCall : TSPY_GOLROTED.CP
Email analysis :
NOTE : monica.p@tech-center.com
NOTE : Received : from 210.195.249.3 (klg-58-154.tm.net.my [202.188.58.154])
NOTE : by cactus4.qatar.net.qa (Oracle Communications Messaging Exchange Server)
NOTE : does not designate 82.148.101.71 as permitted sender
Tuesday, September 1, 2015
Rép : RFQ Confirmation (VIRUS)
Good day,
Pls find attached the Inquiry specification list, kindly send us quotation.
Thanks & Best Regards,
Sashi Ranjan Rath
osco Excellence
Tel 1 (i250) : 870 773210230
Tel 2 (FB250) : 870 773208568
Tel 3 (F-77) : 870 765 091 412
Tel 4 (F-77) : 870 765 091 411
Fax: 870 765091413
Sat C 1 (Tlx): 447703830
Sat C 2 (Tlx): 447703831
Email: ismaelcarrillo_zf@yahoo.com
Order 4223.zip
File analysis :
OPEN : Order 4223.zip
RESULT : File is a virus.
Virus analysis :
SHA256: 387b4893e924421f9e91f1ee2a938b9017fe30f3bfae07abbfbf0d1b121d98fa
Baidu-International : Adware.MSIL.iBryte.DFE
ESET-NOD32 : a variant of MSIL/Kryptik.DFE
Malwarebytes : Trojan.ZBAgent.RNDGen
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Rising : PE:Malware.Generic/QRS!1.9E2D[F1]
Sophos : Mal/Generic-S
Tencent : Win32.Trojan.Inject.Auto
Email analysis :
NOTE : stefano.sambucci@transpacific.com
NOTE : ismaelcarrillo_zf@yahoo.com
NOTE : Received : from so199-177.asiawhere.com (219.84.199.177)
NOTE : Received : from 41.190.2.39 ([41.190.2.39])
NOTE : by webmail.mimifund.com (Horde Framework)
NOTE : User-Agent : Internet Messaging Program (IMP) H3 (4.3.9)
NOTE : Return-Path : < stefano.sambucci@transpacific.com >
NOTE : X-No-Auth : unauthenticated sender
Pls find attached the Inquiry specification list, kindly send us quotation.
Thanks & Best Regards,
Sashi Ranjan Rath
osco Excellence
Tel 1 (i250) : 870 773210230
Tel 2 (FB250) : 870 773208568
Tel 3 (F-77) : 870 765 091 412
Tel 4 (F-77) : 870 765 091 411
Fax: 870 765091413
Sat C 1 (Tlx): 447703830
Sat C 2 (Tlx): 447703831
Email: ismaelcarrillo_zf@yahoo.com
Order 4223.zip
File analysis :
OPEN : Order 4223.zip
RESULT : File is a virus.
Virus analysis :
SHA256: 387b4893e924421f9e91f1ee2a938b9017fe30f3bfae07abbfbf0d1b121d98fa
Baidu-International : Adware.MSIL.iBryte.DFE
ESET-NOD32 : a variant of MSIL/Kryptik.DFE
Malwarebytes : Trojan.ZBAgent.RNDGen
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Rising : PE:Malware.Generic/QRS!1.9E2D[F1]
Sophos : Mal/Generic-S
Tencent : Win32.Trojan.Inject.Auto
Email analysis :
NOTE : stefano.sambucci@transpacific.com
NOTE : ismaelcarrillo_zf@yahoo.com
NOTE : Received : from so199-177.asiawhere.com (219.84.199.177)
NOTE : Received : from 41.190.2.39 ([41.190.2.39])
NOTE : by webmail.mimifund.com (Horde Framework)
NOTE : User-Agent : Internet Messaging Program (IMP) H3 (4.3.9)
NOTE : Return-Path : < stefano.sambucci@transpacific.com >
NOTE : X-No-Auth : unauthenticated sender
Monday, August 31, 2015
Invoice Jeff Herman
invoice53444271 Jeff Herman.zip
File analysis :
OPEN : invoice53444271 Jeff Herman.zip
RESULT : File is a virus.
Virus analysis :
SHA256: 9c6ce032c5b4f521b0ace607a50a499812ecb9845741862a0f7f9183a87c7c49
ALYac : Trojan.Agent.BMBU
AVG : FakeAlert
AVware : Trojan.Win32.Generic!BT
Ad-Aware : Trojan.Agent.BMBU
Agnitum : Trojan.DL.Dofoil!MdY5QMP4IPM
Arcabit : Trojan.Agent.BMBU
Avast : Win32:Trojan-gen
Baidu-International : Trojan.Win32.Dofoil.bstr
BitDefender : Trojan.Agent.BMBU
CAT-QuickHeal : TrojanDownloader.Upatre.r4
Cyren : W32/Trojan3.RIE
ESET-NOD32 : a variant of Win32/Kryptik.DUYG
Emsisoft : Trojan.Agent.BMBU (B)
F-Prot : W32/Trojan3.RIE
F-Secure : Trojan.Agent.BMBU
Fortinet : W32/Kryptik.DUMX!tr
GData : Trojan.Agent.BMBU
Ikarus : Trojan-Downloader.Win32.Upatre
Jiangmin : TrojanDownloader.Dofoil.bhq
K7AntiVirus : Trojan ( 004cddfe1 )
K7GW : Trojan ( 004cddfe1 )
Kaspersky : Trojan-Downloader.Win32.Dofoil.bstr
Malwarebytes : Spyware.Dyre
McAfee : Upatre-FACE!67B2464F5D77
McAfee-GW-Edition : Upatre-FACE!67B2464F5D77
MicroWorld-eScan : Trojan.Agent.BMBU
Microsoft : TrojanDownloader:Win32/Upatre
NANO-Antivirus : Trojan.Win32.Dyre.dvrjgu
Panda : Trj/CI.A
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Upatre-LD
TrendMicro : TROJ_UP.10D6D122
TrendMicro-HouseCall : TROJ_UP.10D6D122
VBA32 : Heur.Trojan.Hlux
VIPRE : Trojan.Win32.Generic!BT
ViRobot : Trojan.Win32.Upatre.43520.A[h]
Zillya : 'Downloader.UpatreGen.Win32.68
nProtect : Trojan.Agent.BMBU
Email analysis :
NOTE : bespalov@stati.orene.ru
NOTE : Received : by stati.orene.ru (Postfix, from userid 5001)
NOTE : 94.79.7.6 ()
Monday, July 20, 2015
Order for Sp/LLC /2015 (Virus)
Dear Sir/Madam,
It was nice to see you again. In attachment you will find the order for Sp/LLC /2015 Please first confirm the price with us. If you have any question about the changes, please ask. In attachment also the logo’s for NieZoe Woven Label new. I know the woven label NieZoe you have to take more quantity. Please let us know the quantity and price. We can use in future also.
Thank you in advance.
Met vriendelijke groet,
Best regards,
Mit Mreundlichen Krussen,
logo
Larlou Lvan Looten
Sales Manager
Nmbyerstraat Noord 162 | 6225 EJ Maastricht The Netherlands | HR14054804 VAT NL809075957B00
T 0031 43 3521470
File analysis :
SHA256 : cc4db92ec0f923c02171c746fd8417b6763257d9a2fcfd6b30818da344791ea3
Filename : Sp-LLC -2015.docx
ALYac : Gen:Variant.Kazy.679360
Ad-Aware : Gen:Variant.Kazy.679360
Arcabit : Trojan.Kazy.DA5DC0
BitDefender : Gen:Variant.Kazy.679360
DrWeb : BackDoor.Bladabindi.1056
ESET-NOD32 : a variant of MSIL/Injector.KSL
Emsisoft : Gen:Variant.Kazy.679360 (B)
F-Secure : Gen:Variant.Kazy.679360
Fortinet : MSIL/Injector.KSL!tr
GData : Gen:Variant.Kazy.679360
Kaspersky : HEUR:Trojan.Win32.Generic
MicroWorld-eScan : Gen:Variant.Kazy.679360
TrendMicro-HouseCall : TROJ_GE.856647F7
Email analysis :
NOTE : NieZoe@NieZoe.COM
NOTE : nisakorn@thai-nichi.com
NOTE : Received : from User ([UNAVAILABLE].
NOTE : [66.76.199.160]) by 0.0.0.0:25 (trex/5.4.2);
NOTE : Received : by smtp24.relay.ord1a.emailsrvr.com
NOTE : (Authenticated sender: nisakorn-AT-thai-nichi.com)
It was nice to see you again. In attachment you will find the order for Sp/LLC /2015 Please first confirm the price with us. If you have any question about the changes, please ask. In attachment also the logo’s for NieZoe Woven Label new. I know the woven label NieZoe you have to take more quantity. Please let us know the quantity and price. We can use in future also.
Thank you in advance.
Met vriendelijke groet,
Best regards,
Mit Mreundlichen Krussen,
logo
Larlou Lvan Looten
Sales Manager
Nmbyerstraat Noord 162 | 6225 EJ Maastricht The Netherlands | HR14054804 VAT NL809075957B00
T 0031 43 3521470
File analysis :
SHA256 : cc4db92ec0f923c02171c746fd8417b6763257d9a2fcfd6b30818da344791ea3
Filename : Sp-LLC -2015.docx
ALYac : Gen:Variant.Kazy.679360
Ad-Aware : Gen:Variant.Kazy.679360
Arcabit : Trojan.Kazy.DA5DC0
BitDefender : Gen:Variant.Kazy.679360
DrWeb : BackDoor.Bladabindi.1056
ESET-NOD32 : a variant of MSIL/Injector.KSL
Emsisoft : Gen:Variant.Kazy.679360 (B)
F-Secure : Gen:Variant.Kazy.679360
Fortinet : MSIL/Injector.KSL!tr
GData : Gen:Variant.Kazy.679360
Kaspersky : HEUR:Trojan.Win32.Generic
MicroWorld-eScan : Gen:Variant.Kazy.679360
TrendMicro-HouseCall : TROJ_GE.856647F7
Email analysis :
NOTE : NieZoe@NieZoe.COM
NOTE : nisakorn@thai-nichi.com
NOTE : Received : from User ([UNAVAILABLE].
NOTE : [66.76.199.160]) by 0.0.0.0:25 (trex/5.4.2);
NOTE : Received : by smtp24.relay.ord1a.emailsrvr.com
NOTE : (Authenticated sender: nisakorn-AT-thai-nichi.com)
Subscribe to:
Posts (Atom)