OwlCyberSecurity - MANAGER

Edit File: 1717879793.M510890P2357390.premium128.web-hosting.com,S=8229,W=8393

Return-Path: <eugeniagi16@sho26.mokomichi.xyz> Delivered-To: faouzi.berroua+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id aEUNHfHDZGaO+CMAAvhI2g (envelope-from <eugeniagi16@sho26.mokomichi.xyz>) for <faouzi.berroua+spam@gourayafroid.com>; Sat, 08 Jun 2024 16:49:53 -0400 Return-path: <eugeniagi16@sho26.mokomichi.xyz> Envelope-to: faouzi.berroua@gourayafroid.com Delivery-date: Sat, 08 Jun 2024 16:49:53 -0400 Received: from [78.30.14.145] (port=36029 helo=static.masmovil.com) by premium128.web-hosting.com with esmtp (Exim 4.96.2) (envelope-from <eugeniagi16@sho26.mokomichi.xyz>) id 1sG30V-009yoQ-0g for faouzi.berroua@gourayafroid.com; Sat, 08 Jun 2024 16:49:53 -0400 MIME-Version: 1.0 From: "maurizio gonzalo" <eugeniagi16@sho26.mokomichi.xyz> To: <faouzi.berroua@gourayafroid.com> Date: 9 Jun 2024 00:23:57 +0100 Message-ID: <K6I4ID0608.2450AXF0L557@prop.sho26.mokomichi.xyz> Content-type: multipart/alternative; boundary="08_97y7gvgy_9ED5_hirl06" X-Spam-Status: Yes, score=25.4 X-Spam-Score: 254 X-Spam-Bar: +++++++++++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Good day. Your system has been hacked with a Trojan virus. It has penetrated your device through adult portals which you sometimes visit. Some spicy videos contain malicious code that activates after [...] Content analysis details: (25.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.1 CPANEL_XYZ .XYZ domain mostly used by spammers 3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL [78.30.14.145 listed in zen.spamhaus.org] 4.7 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see <https://www.spamcop.net/bl.shtml?78.30.14.145>] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [78.30.14.145 listed in sa-accredit.habeas.com] 0.0 HTML_MESSAGE BODY: HTML included in message 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 1.0 BITCOIN_SPAM_09 BitCoin spam pattern 09 -0.0 T_SCC_BODY_TEXT_LINE No description available. 0.8 KAM_INFOUSMEBIZ Prevalent use of .info|.us|.me|.me.uk|.biz|xyz|id|rocks|life domains in spam/malware 8.5 KAM_CRIM Extortion Email 0.5 PDS_BTC_ID FP reduced Bitcoin ID X-Spam-Flag: YES Subject: ***SPAM*** no subject This is a multi-part message in MIME format. --08_97y7gvgy_9ED5_hirl06 Content-type: text/plain; charset="iso-8859-1" Content-transfer-encoding: quoted-printable Good day. Your system has been hacked with a Trojan virus. It has penetrated your device through adult portals which you sometimes = visit. Some spicy videos contain malicious code that activates after being = turned on. Your entire information has already been copied to my = servers. I possess complete control over your device which you use to access the = Internet. I can see your screen, I can use a microphone and a camera in a way that = you never notice anything. I've already made a screen recording. A video was edited with a pornographic movie that you were watching at = that time and masturbating.=20 Your face is perfectly visible and I don&rsquo;t think that this kind of = content will have a positive impact on your reputation. I have an overall access to your list of contacts and the social media = profiles. I can send this video from your E-mail or the messengers. If you don't want to let this happen, then you only need to take one = simple step. Just transfer 1200 USD (US dollars) to Bitcoin wallet: = bc1qsptmyum979jzwjywkv8pvwtvu98ejass88jnaj (In a Bitcoin equivalent at the exchange rate for the time of transfer) You can find the detailed instructions in Google. After the payment I will remove the video and the virus from your device = and no one will bother you anymore. If I won&rsquo;t receive the payment in due time, all of your data and = the videos will become publicly available. I give you 2 business days. I shall receive a notification that you have read the letter. The timer starts immediately. Any complain somewhere, including the police, is useless. My wallet and = an E-mail cannot be tracked. If I find out that you have shared this message with someone else, the = video will become publicly available at once.=20 I will destroy your reputation forever and all your data will go public. Everyone will learn about your passion for the porn sites and more. = Changing the passwords will be useless either as all the data is already = on my servers. Don't forget that reputation is very important and be prudent! --08_97y7gvgy_9ED5_hirl06 Content-type: text/html; charset="iso-8859-1" Content-transfer-encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <meta http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> </head> <body> <p>Good day.<br />Your system has been hacked with a Trojan virus.<br = />It has penetrated your device through adult portals which you = sometimes visit.<br />Some spicy videos contain malicious code that = activates after being turned on. Your entire information has already = been copied to my servers.</p> <p><br />I possess complete control over your device which you use to = access the Internet.<br />I can see your screen, I can use a microphone = and a camera in a way that you never notice anything.</p> <p>I've already made a screen recording.<br />A video was edited with a = pornographic movie that you were watching at that time and masturbating. = <br />Your face is perfectly visible and I don&rsquo;t think that this = kind of content will have a positive impact on your reputation.</p> <p>I have an overall access to your list of contacts and the social = media profiles. I can send this video from your E-mail or the = messengers.</p> <p>If you don't want to let this happen, then you only need to take one = simple step.<br />Just transfer 1200 USD (US dollars) to Bitcoin wallet: = bc1qsptmyum979jzwjywkv8pvwtvu98ejass88jnaj</p> <p>(In a Bitcoin equivalent at the exchange rate for the time of = transfer)<br />You can find the detailed instructions in Google.</p> <p>After the payment I will remove the video and the virus from your = device and no one will bother you anymore.<br />If I won&rsquo;t receive = the payment in due time, all of your data and the videos will become = publicly available.</p> <p>I give you 2 business days.</p> <p>I shall receive a notification that you have read the letter.<br = />The timer starts immediately.<br />Any complain somewhere, including = the police, is useless. My wallet and an E-mail cannot be tracked.</p> <p>If I find out that you have shared this message with someone else, = the video will become publicly available at once. <br />I will destroy = your reputation forever and all your data will go public.</p> <p>Everyone will learn about your passion for the porn sites and more. = Changing the passwords will be useless either as all the data is already = on my servers.</p> <p>Don't forget that reputation is very important and be prudent!</p> </body></html> --08_97y7gvgy_9ED5_hirl06--