Return-Path: <domingos@stockinventarios.com.br>
Delivered-To: faouzi.berroua+spam@gourayafroid.com
Received: from premium128.web-hosting.com
    by premium128.web-hosting.com with LMTP
    id yNJINTtV9mZPdR8AAvhI2g
    (envelope-from <domingos@stockinventarios.com.br>)
    for <faouzi.berroua+spam@gourayafroid.com>; Fri, 27 Sep 2024 02:48:27 -0400
Return-path: <domingos@stockinventarios.com.br>
Envelope-to: faouzi.berroua@gourayafroid.com
Delivery-date: Fri, 27 Sep 2024 02:48:27 -0400
Received: from [103.158.53.219] (port=23224 helo=[103.158.53.209])
    by premium128.web-hosting.com with esmtp (Exim 4.96.2)
    (envelope-from <domingos@stockinventarios.com.br>)
    id 1su4m4-008exC-0f
    for faouzi.berroua@gourayafroid.com;
    Fri, 27 Sep 2024 02:48:27 -0400
From: "ismail patti" <domingos@stockinventarios.com.br>
To: <faouzi.berroua@gourayafroid.com>
Date: 27 Sep 2024 15:46:33 +0400
Message-ID: <002501db10d7$01eb2cb2$973d36a9$@stockinventarios.com.br>
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_0022_01DB10D7.01E76EF8"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: Acc8ljsy8girtmeec8ljsy8girtmee==
Content-Language: en-us
X-Spam-Status: Yes, score=21.3
X-Spam-Score: 213
X-Spam-Bar: +++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com",
    has identified this incoming email as possible spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    root\@localhost for details.
    Content preview: Hello! I am a professional coder and I hacked your device's
    OS when you visited adult website. I've been watching your activity for
    a couple of months. If you don't understand what I am talking about I can
    explain... My trojan malware lets me get access to my victim's system.
    It is multiplatform software with hVNC that can be installed on phones,
    PC [...]
    Content analysis details: (21.3 points, 5.0 required)
     pts rule name              description
    ---- ---------------------- --------------------------------------------------
     4.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
                                [103.158.53.219 listed in zen.spamhaus.org]
     0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED
                                RBL: ADMINISTRATOR NOTICE: The query to Validity
                                was blocked. See
                                https://knowledge.validity.com/hc/en-us/articles/20961730681243
                                for more information.
                                [103.158.53.219 listed in sa-trusted.bondedsender.org]
     0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED
                                RBL: ADMINISTRATOR NOTICE: The query to Validity
                                was blocked. See
                                https://knowledge.validity.com/hc/en-us/articles/20961730681243
                                for more information.
                                [103.158.53.219 listed in bl.score.senderscore.com]
     2.4 DATE_IN_FUTURE_03_06   Date: is 3 to 6 hours after Received: date
     0.0 HTML_MESSAGE           BODY: HTML included in message
     2.1 RATWARE_NO_RDNS        Suspicious MsgID and MIME boundary + no rDNS
     1.0 KAM_LAZY_DOMAIN_SECURITY
                                Sending domain does not have any anti-forgery methods
     2.5 BITCOIN_SPAM_03        BitCoin spam pattern 03
     2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
     0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict Alignment
     1.5 BITCOIN_SPAM_09        BitCoin spam pattern 09
     3.3 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
     0.2 PDS_BTC_ID             FP reduced Bitcoin ID
     1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers
X-Spam-Flag: YES
Subject: ***SPAM*** Fw:

This is a multi-part message in MIME format.

------=_NextPart_000_0022_01DB10D7.01E76EF8
Content-Type: text/plain;
    charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hello!

I am a professional coder and I hacked your device's OS when you visited =
adult website.
I've been watching your activity for a couple of months.

If you don't understand what I am talking about I can explain...
My trojan malware lets me get access to my victim's system. It is =
multiplatform software with hVNC that can be installed on phones, PC and =
even TV OS...
It doesn't have any AV's detects because it is encrypted and can't be =
detected becaause I update it's signatures every 4 hour.
I can turn on your camera, save your logs and do everything that I want =
and you won't notice anything.

Now I have all your contacts, sm data and all logs from chats for the =
latest 2 months but it is not very useful without something that can =
spoil your reputation...
I recorded your masturbation and the video that you watched. It was =
disgusting.

I can destroy your life by sending this stuff to everybody you know.
If you want me to delete this stuff and avoid any problems you have to =
send $1500 to my bitcoin address: =
bc1q7eekhc9fnddsv4dm943m3fjnup0mtc6wetytsd


If you don't know how to buy bitcoins use Google, there are a lot of =
manuals about using, spending and buying this cryptocurrency.

You have 50 hours from now to complete the payment.
I have a notification that you are reading this message... TIME HAS =
GONE.

Don't try to respond because this email address is generated.
Don't try to complain because this and my bitcoin address can't be =
tracked down.

If I notice that you shared this message everybody will receive your =
data.
Bye!

------=_NextPart_000_0022_01DB10D7.01E76EF8--