From: FilesTube [mailto:filestube@filestube.com]The malicious payload is at [donotclick]apensiona.ru:8080/forum/links/column.php which is hosted on 217.112.40.69 (Utransit, claims to be from the UK but probably Russia). The following malicious domains are also on that IP address:
Sent: 17 December 2012 06:01
Subject: Your Tracking Number H7300014839
USPS Customer Services for big savings!
Can't see images? CLICK HERE.
UPS - UPS TEAM 60 >>
Already Have
an Account?
Enjoy all UPS has to offer by linking your My UPS profile to your account.
Link Your
Account Now >>
UPS - UPS .com Customer Services
Good Evening, [redacted].
DEAR USER , Recipient's address is wrong
Track your Shipment now!
With Respect To You , Your UPS .com Customer Services.
Shipping
Tracking
Calculate Time & Cost
Open an Account
@ 2011 United Parcel Service of America, Inc. Your USPS .us Customer Services, the UPS brandmark, and the color brown are
trademarks of United Parcel Service of America, Inc. All rights reserved.
This is a marketing e-mail for UPS services. Click here to update your e-mail preferences or to unsubscribe to
USPS Team marketing e-mail. For information on UPS's privacy practices, please refer to UPS Privacy Policy.
Your USPS .us Customer Services, 8 Glenlake Parkway, NE - Atlanta, GA 30585
Attn: Customer Communications Department
pelamutrika.ru
antariktika.ru
aliamognoa.ru
ahiontota.ru
anifkailood.ru
podarunoki.ru
aseniakrol.ru
publicatorian.ru
pitoniamason.ru
aviaonlolsio.ru
dimarikanko.ru
adanagenro.ru
aofngppahgor.ru
apolinaklsit.ru
apensiona.ru
No comments:
Post a Comment