cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: Martin Gummi <martin.gummi AT cacert.org>
- To: cacert-sysadm AT lists.cacert.org, guillaume AT cacert.org
- Subject: Re: VIRUS ??? Trojan ??? Fwd: You have received a voice mail
- Date: Fri, 09 May 2014 15:48:54 +0200
- Organization: CAcert.org
Hello Guillaume,
it' s malware look from Today
https://www.virustotal.com/en/file/440294e89d69e0508a85bd4a5dac8cc64e3f9d15ca53b8a2a0536acdb31a6516/analysis/1399642947/
--
mit freundlichen Grüßen / best regards
Martin Gummi
CAcert Assurer
CAcert Arbitrator, CAcert Case Manager
CAcert.org - Free Certificates
E-Mail:
martin.gummi AT cacert.org
On 09.05.2014 15:39, Guillaume ROMAGNY wrote:
> Hello,
>
> my tools cannot find a virus or trojan in the zip file from @cacert.org
> but machine is "from bas2-malton22-1177777296.dsl.bell.ca" ,
>
> => highly suspicious. can you help ???
>
> Thanks,
> Guillaume
>
>
> -------- Message original --------
> Sujet: You have received a voice mail
> Date : Fri, 9 May 2014 07:53:35 -0500
> De : Microsoft Outlook Voicemail
> <no-reply AT cacert.org>
> Pour :
> administrator AT cacert.org
>
>
>
> You received a voice mail : VOICE944-934-9764.wav (27 KB)
> Caller-Id: 944-934-9764
> Message-Id: 9F8Z8H
> Email-Id:
> administrator AT cacert.org
>
> This e-mail contains a voice message.
>
> Download and extract the attachment to listen the message.
>
> Sent by Microsoft Exchange Server
>
>
>
> ------ SOURCE
>
> From - Fri May 9 13:59:00 2014
> X-Account-Key: account2
> X-UIDL: 000202b045a428ec
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 00000000
> X-Mozilla-Keys:
>
> Return-path:
> <misjudge37 AT reliable.com>
> Envelope-to: gr@localhost
> Delivery-date: Fri, 09 May 2014 13:58:18 +0200
> Received: from localhost ([127.0.0.1] helo=gr)
> by gr with esmtp (Exim 4.76)
> (envelope-from
> <misjudge37 AT reliable.com>)
> id 1WijRS-0006kX-5s
> for gr@localhost; Fri, 09 May 2014 13:58:18 +0200
> X-Original-To:
> guillaume AT cacert.org
> Delivered-To:
> guillaume AT cacert.org
> Received: from email.cacert.org [213.154.225.228]
> by gr with POP3 (fetchmail-6.3.21)
> for <gr@localhost> (single-drop); Fri, 09 May 2014 13:58:18 +0200
> (CEST)
> Received: from bas2-malton22-1177777296.dsl.bell.ca
> (bas2-malton22-1177777296.dsl.bell.ca [70.51.116.144])
> by email.cacert.org (Postfix) with ESMTP id 0FC2A1C0E47;
> Fri, 9 May 2014 11:51:12 +0000 (UTC)
> Message-ID:
> <ZU92WN1E.4738707 AT reliable.com>
> Date: Fri, 9 May 2014 07:53:35 -0500
> From: "Microsoft Outlook Voicemail"
> <no-reply AT cacert.org>
> User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101
> Thunderbird/24.2.0
> MIME-Version: 1.0
> To:
> administrator AT cacert.org
> Subject: You have received a voice mail
> Content-Type: multipart/mixed;
> boundary="------------050907010200030504010103"
>
> This is a multi-part message in MIME format.
> --------------050907010200030504010103
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> Content-Transfer-Encoding: 7bit
>
> You received a voice mail : VOICE944-934-9764.wav (27 KB)
> Caller-Id: 944-934-9764
> Message-Id: 9F8Z8H
> Email-Id:
> administrator AT cacert.org
>
> This e-mail contains a voice message.
>
> Download and extract the attachment to listen the message.
>
> Sent by Microsoft Exchange Server
>
>
>
begin:vcard fn:Martin Gummi n:Gummi;Martin org:CAcert.org adr:;;;;;;Germany email;internet:martin.gummi AT cacert.org x-mozilla-html:FALSE url:www.cacert.org version:2.1 end:vcard
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- VIRUS ??? Trojan ??? Fwd: You have received a voice mail, Guillaume ROMAGNY, 05/09/2014
- Re: VIRUS ??? Trojan ??? Fwd: You have received a voice mail, Martin Gummi, 05/09/2014
Archive powered by MHonArc 2.6.18.