Unconfigured Ad Widget

Collapse

Anúncio

Collapse
No announcement yet.

Analise de mail malware

Collapse
X
 
  • Filter
  • Tempo
  • Show
Clear All
new posts

  • Font Size
    #1

    Duvidas Analise de mail malware

    Bom dia pessoal,
    Hoje como de costume fui acessar meus 3 e-mails e encontrei um e-mail semelhante nos 3.
    Não sou muito bom de analise nisto, mas sei que coisa boa não é.. me surpreendi de ter recebido nos 3 e-mails o msm porem enviado por pessoas diferente e com destinos diferentes,

    exemplo:

    destino primeiro mail - Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
    destino segundo mail- Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
    destino terceiro mail - Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...

    E Todos carregam algo na pagina.. Vocês poderiam fazer analise e explicar para que serve este mail?
    Valeu a todos

    hoje (23/02) ja lançaram na internet o mail em alguns blog mas sem descrição:

    Código HTML:
     [B]vejam:[/B]
     http://ambitosieda.blogspot.com/2012/02/income-tax-return-fraud-accusations.html
     http://niepodam.pl/wiadomosci/2919411
     http://zevion-world.blogspot.com/2012/02/income-tax-return-fraud-accusations.html


    Code do mail:


    Código PHP:
    <DIV dir="ltr"><BR>
      <
    BR>
      <
    DIV>
        <
    DIV id="SkyDrivePlaceholder"></DIV>
        <
    HR id="stopSpelling">
        <
    BR>
        <
    BR>
        .
    ExternalClass .ecxhmmessage P  {padding:0px;}  .ExternalClass body.ecxhmmessage  {font-size:10pt;font-family:Tahoma;}
        <
    DIV dir="ltr">&#65279;
          
    <TABLE border="0" cellSpacing="0" cellPadding="0" width="100%" bgColor="#effbfb">
            <
    TBODY>
              <
    TR>
                <
    TD vAlign="top" align="middle"><TABLE cellSpacing="0" cellPadding="0" width="581">
                  <
    TBODY>
                    <
    TR>
                      <
    TD><TABLE border="0" cellSpacing="0" cellPadding="17" width="100%">
                        <
    TBODY>
                          <
    TR>
                            <
    TD><TABLE border="0" cellSpacing="0" cellPadding="0" width="100%">
                              <
    TBODY>
                                <
    TR>
                                  <
    TD>You're   receiving this notification as a Certified Public Accountant and a member of   AICPA.<BR>
                                    Having trouble reading this email? <A href="http://www.pirilampocarinhoso.com.br/Bzue0ZUj/index.html" target="_blank">View it in your browser</A>. <BR>
                                    <BR></TD>
                                </TR>
                                <TR>
                                  <TD background="http://www.aicpa.org/_layouts/Aicpa.Org/Images/BannerStripNew.gif"><IMG border="0" alt="AICPA logo" src="http://www.aicpa.org/_layouts/Aicpa.Org/Images/logoNew.gif"></TD>
                                </TR>
                                <TR>
                                  <TD height="30">Cancellation of Public Account Status due to tax return fraud   allegations<BR></TD>
                                </TR>
                                <TR>
                                  <TD><TABLE border="0" cellSpacing="0" cellPadding="0" width="100%">
                                    <TBODY>
                                      <TR>
                                        <TD vAlign="top"><TABLE border="0" cellSpacing="0" cellPadding="0" width="100%">
                                          <TBODY>
                                            <TR>
                                              <TD bgColor="#e2e5e7"><TABLE border="0" cellSpacing="0" cellPadding="15" width="100%">
                                                <TBODY>
                                                  <TR>
                                                    <TD>Valued   accountant officer,<BR>
                                                      <p>We have been notified of your alleged involvement   in tax return infringement*for one of your employees.According to AICPA Bylaw   Subsection 740 your Certified Public Accountant license can be cancelled in case   of* the event of filing of a incorrect or fraudulent income tax return client'
    s   behalf.* <BR>
                                                      </
    p>
                                                      
    Please be notified below and provide your feedback to it within   7 daysThe failure to provide the clarifications within this term will result   in suspension of your Accountant license.<BR>
                                                      <
    BR>
                                                      <
    BR>
                                                      <
    DIV><A href="http://bidprep.co/7cDnGTRA/index.html" target="_blank">Complaint.doc</A><BR>
                                                      </
    DIV>
                                                      <
    BR></TD>
                                                  </
    TR>
                                                </
    TBODY>
                                              </
    TABLE></TD>
                                            </
    TR>
                                          </
    TBODY>
                                        </
    TABLE></TD>
                                      </
    TR>
                                    </
    TBODY>
                                  </
    TABLE></TD>
                                </
    TR>
                                <
    TR>
                                  <
    TD><IMG alt="" src="http://images/hr-big.gif" width="581" height="11">
                                    <
    TABLE border="0" cellSpacing="0" cellPadding="0" width="100%">
                                      <
    TBODY>
                                        <
    TR>
                                          <
    TD><BR>
                                            
    The   American Institute of Certified Public AccountantsEmail: <A href="mailto:service@aicpa.org">service@aicpa.org</A><BR>
                                            
    Tel.   888.777.7077<BR>
                                            
    Fax.   800.362.5066<BR>
                                            <
    BR>
                                            <
    BR>
                                            <
    BR>
                                            <
    BR>
                                            <
    BR></TD>
                                        </
    TR>
                                      </
    TBODY>
                                    </
    TABLE></TD>
                                </
    TR>
                              </
    TBODY>
                            </
    TABLE></TD>
                          </
    TR>
                        </
    TBODY>
                      </
    TABLE></TD>
                    </
    TR>
                  </
    TBODY>
                </
    TABLE></TD>
              </
    TR>
            </
    TBODY>
          </
    TABLE>
        </
    DIV>
      </
    DIV>
    </
    DIV

    achei tambem um site gringo falando que é fake mas não explica oque realmente ele executa/faz com o Pc

    Código HTML:
    http://www.hoax-slayer.com/aicpa-malware-emails.shtml
    Vlw e aguardo uma analise
    Similar Threads

  • Font Size
    #2
    Ninguem pode me ajudar? ;/

    Comment


    • Font Size
      #3
      cara, pelo oque eu vi nao faz nada demais

      Comment


      • Font Size
        #4
        esse é o perigo..
        não faz nada de mais..
        Mas que ele carrega algo no html e provavelmente acho eu que é um auto-infect ..

        Comment


        • Font Size
          #5
          Estranho cara não sou muito bom com códigos mais será q não tá faltando nada aí? Executa nada.

          Comment

          X
          Working...
          X