Date: Wed, 13 Feb 2013 12:10:27 +0000The malicious payload is at [donotclick]thedigidares.net/detects/irritating-crashed-registers.php (report here) hosted on:
From: " NACHA" [limbon@direct.nacha.org]
Subject: Aborted transfer
Canceled transaction
The ACH process (ID: 648919687408), recently sent from your bank account (by you), was canceled by the other financial institution.
Transaction ID: 648919687408
Cancellation Reason Review additional info in the statement below
Transaction Detailed Report Report_648919687408.xls (Microsoft/Open Office Word Document)
13150 Sunrise Street, Suite 100 Herndon, VA 20174 (703) 561-1200
� 2013 NACHA - The Electronic Payments Association
134.74.14.98 (City College of New York, US)
175.121.229.209 (Hanaro Telecom, Korea)
The following IPs and domains are linked and should be blocked:
134.74.14.98
175.121.229.209
albaperu.net
capeinn.net
thedigidares.net
madcambodia.net
micropowerboating.net
dressaytam.net
acctnmrxm.net
albaperu.net
live-satellite-view.net
dressaytam.net
No comments:
Post a Comment