Edit File: 1726391865.M340007P3910074.cloudbhc.clouditzone.com,S=6728,W=6854
Return-Path: <bounces+7062469-96c6-info=onebox.pk@sendgrid.net>
Delivered-To: info+spam@onebox.pk
Received: from cloudbhc.clouditzone.com
    by cloudbhc.clouditzone.com with LMTP
    id 8lhtEzmm5ma6qTsAZAThIw
    (envelope-from <bounces+7062469-96c6-info=onebox.pk@sendgrid.net>)
    for <info+spam@onebox.pk>; Sun, 15 Sep 2024 14:17:45 +0500
Return-path: <bounces+7062469-96c6-info=onebox.pk@sendgrid.net>
Envelope-to: info@onebox.pk
Delivery-date: Sun, 15 Sep 2024 14:17:45 +0500
Received: from s.wrqvtbkv.outbound-mail.sendgrid.net ([149.72.123.24]:34046)
    by cloudbhc.clouditzone.com with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
    (Exim 4.96.2)
    (envelope-from <bounces+7062469-96c6-info=onebox.pk@sendgrid.net>)
    id 1splO1-00GPBS-2C
    for info@onebox.pk;
    Sun, 15 Sep 2024 14:17:45 +0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendgrid.net;
    h=content-transfer-encoding:content-type:from:mime-version:subject:to:
    cc:content-type:from:subject:to;
    s=smtpapi; bh=C+b+nuxshtjqmOWNSyb9xpk9388pvmbsnf8+iXRNFeE=;
    b=oGpTExc7n4T6C/tMOHPKdShvEqdsQgj1eF5LszHi1YzYVY8HRF4SeK8vhmzau1aDtO3J
    +OAy45tYghO9ncOqcL+Dmt7F/tjRMJbwzTMZgkrdUT5b+8iqiHgGqPkP2chuXbb1409KeQ
    ZEaOCB8KwBQvgHs9/csPa8QcPVYNFZDDo=
Received: by recvd-6dc67978-5pp2f with SMTP id recvd-6dc67978-5pp2f-1-66E6A633-E
    2024-09-15 09:17:39.595069863 +0000 UTC m=+228011.837573881
Received: from NzA2MjQ2OQ (unknown)
    by geopod-ismtpd-6 (SG) with HTTP
    id eHub-zOpQAOu9tbELMsP-g
    Sun, 15 Sep 2024 09:17:39.546 +0000 (UTC)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=us-ascii
Date: Sun, 15 Sep 2024 09:17:39 +0000 (UTC)
From: Henry Jones <cotato@mocbrasil.com>
Mime-Version: 1.0
Message-ID: <eHub-zOpQAOu9tbELMsP-g@geopod-ismtpd-6>
X-SG-EID:
    =?us-ascii?Q?u001=2Erj=2F9AKso7iq2U7TI+VOJzNwGe1tonu4DLxgAa7T=2FWK2Uwh3B4bK=2FC8HTs?=
    =?us-ascii?Q?FR7o61pzkHcNngcRUMR6wnsTiqOa=2F+hI=2FE2ZQPI?=
    =?us-ascii?Q?V+po9efU8xzqZwGU4ZxDUk872MZql=2FlZ38aG=2FLn?=
    =?us-ascii?Q?PWph0ARCdCIUs8AMcddGCI2fomMGXee72waCOfw?=
    =?us-ascii?Q?AoW2MVwnAl2jgeyZKOYHSQ1a6gLbXXpVSUux1ZW?=
    =?us-ascii?Q?FWGOIsmmlRn9VqNxXyLjiY=3D?=
To: info@onebox.pk
X-Entity-ID: u001.3MLg4kISSk1ioqT+LjG0gw==
X-Spam-Status: Yes, score=12.5
X-Spam-Score: 125
X-Spam-Bar: ++++++++++++
X-Spam-Report: Spam detection software, running on the system "cloudbhc.clouditzone.com",
    has identified this incoming email as possible spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    root\@localhost for details.
    Content preview: Hello! I am a professional coder, and I hacked your device's
    OS when you were visiting an adult website. I have been watching your activity
    for a couple of months. If you do not know what I'm talking about, I can
    explain ...
    Content analysis details: (12.5 points, 5.0 required)
     pts rule name              description
    ---- ---------------------- --------------------------------------------------
     0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
                                See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                                for more information.
                                [URIs: sendgrid.net]
     0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different
     0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
     0.7 HTML_IMAGE_ONLY_28     BODY: HTML: images with 2400-2800 bytes of words
     0.0 HTML_MESSAGE           BODY: HTML included in message
     0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
     8.5 KAM_CRIM               Extortion Email
     0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict Alignment
     1.5 KAM_SENDGRID           Sendgrid being exploited by scammers
     0.1 DKIM_INVALID           DKIM or DK signature exists, but is not valid
     1.2 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
     0.0 T_REMOTE_IMAGE         Message contains an external image
X-Spam-Flag: YES
Subject: ***SPAM*** Please change password

<!DOCTYPE html><html>
<body style=3D"background-color:#ffffff;">
<table width=3D"350" border=3D"0" cellspacing=3D"0" cellpadding=3D"0" style=
=3D"font-size:16px;line-height:1.6;font-family: Roboto,RobotoDraft,Helvetic=
a,Arial,sans-serif"><tbody><tr><td>
Hello!<br><br>
I am a professional coder, and I hacked your device's OS when you were visi=
ting an adult website.<br><br>
I have been watching your activity for a couple of months. If you do not kn=
ow what I'm talking about, I can explain ...<br><br>
My Trojan malware allows me to access my victim's system. It is a multiplat=
form hVNC-enabled software that can be installed on phones, PCs and even TV=
 OSs ...<br><br>
It does not detect AV because it is encrypted and cannot be detected becaus=
e I update its signatures every 4 hours.<br><br>
I can turn on your camera, save your logs and do whatever I want and you wi=
ll not notice anything.<br><br>
Now I have all your contacts, see data and all logs from chats I recorded y=
our masturbation and the video you watched. It was disgusting.<br><br>
I can ruin your life by sending this material to everyone you know. If you =
want me to remove this material and avoid any problems, you must send 1300 =
USD to this Bitcoin address:<br>
14egwaEto3ZFsb3KNHbUxQwciuzJHgsUDZ<br><br>
(If you do not know how to buy Bitcoins, use Google, there are many guides =
on how to use, spend and buy this cryptocurrency.)<br><br>
You have 50 hours to complete the payment.<br><br>
I have a notification that you are reading this message ...<br>
Do not try to reply because this email address was created. Do not try to c=
omplain because this and this Bitcoin address cannot be traced.<br><br>
If I notice that you shared this message, everyone will get your informatio=
n.<br><br>
Goodbye!
</td></tr></tbody></table>
<img src=3D"https://u7062469.ct.sendgrid.net/wf/open?upn=3Du001.D1v0rVvqI1e=
YJwPHreGGfwZBs3mnTEvkJQ9NSo3gAaKSzPuwg4wcZBW5Gzj-2FJKEujlU98v7iLPqeJtHjrmTX=
oTbmeeDz6qWNMG1orciK2fj4rnmeKZ8YQh52EVA5gM4UBJNXHy1pvsTQYQ6iY0EJ5HTTrY1fyPW=
vg1IfUSEabjymD-2FNNfd7ZbHwquJ0TR6mZx3uNIYo0dRDDP-2FOWtQQPzQ-3D-3D" alt=3D""=
 width=3D"1" height=3D"1" border=3D"0" style=3D"height:1px !important;width=
:1px !important;border-width:0 !important;margin-top:0 !important;margin-bo=
ttom:0 !important;margin-right:0 !important;margin-left:0 !important;paddin=
g-top:0 !important;padding-bottom:0 !important;padding-right:0 !important;p=
adding-left:0 !important;"/></body>
</html>