Answer the question
In order to leave comments, you need to log in
M
M
Mohn2020-10-03 09:33:48
Mohn, 2020-10-03 09:33:48
Interesting letter, can you figure out what it is?
Here is a letter that a colleague received in the mail today. What is it?
I removed the addressee and the domain. I took the original letter in text form.
Who has any ideas?
Received: from mta1.e-proxa.com ([217.23.139.191])
by isp.cloud.iskrakb.ru with esmtp (Exim 4.92.3)
(envelope-from <[email protected]>)
id 1kNqeL-0003B9-QH
for [email protected]_________.ru; Thu, 01 Oct 2020 11:57:02 +0700
From: <[email protected]>
To: <[email protected]_________.ru>
Subject: UAKYQBZGK KASTONWXH
Date: Thu, 1 Oct 2020 04:53:35 +0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_003E_01D69986.D7784860"
X-Mailer: Microsoft Outlook 16.0
X-Scanned-By: ClamAV 0.101.5; Thu, 01 Oct 2020 11:57:01 +0700
thread-index: AdaXr0zxxFTcipfrQ4mTPfMzsEdTTg==
Authentication-Results: dkim=pass, [email protected]@e-proxa.com
Authentication-Results: dkim=pass, [email protected]
X-Spam_score: 2.0
X-Spam_score_int: 20
X-Spam_bar: ++
X-Spam_report: Spam detection software, running on the system "isp.cloud.iskrakb.ru",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: 3HXT40ONGO2JCPHUO0A610GJF5 YNTL 6 QM8O0SK8HUFEL1GFF SDGZWS9
WT7OFUJ3YR8DBJIO1Y2MX57ANLUYUJE0QT7USV1 [...]
Content analysis details: (2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.5 SUBJ_ALL_CAPS Subject is all capitals
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.0 HTML_MESSAGE BODY: HTML included in message
0.7 MPART_ALT_DIFF BODY: HTML and text parts are different
0.1 MIME_HTML_ONLY BODY: Message only has text/h
tml MIME parts
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
0.1 MISSING_MID Missing Message-Id: header
0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts
0.0 TVD_SPACE_RATIO No description available.
This is a multipart message in MIME format.
------=_NextPart_000_003E_01D69986.D7784860
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
3HXT40ONGO2JCPHUO0A610GJF5 YNTL 6 QM8O0SK8HUFEL1GFF SDGZWS9
WT7OFUJ3YR8DBJIO1Y2MX57ANLUYUJE0QT7USV1
------=_NextPart_000_003E_01D69986.D7784860
Content-Type: text/html;
boundary="===============3559961448112974035==";
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
3HXT40ONGO2JCPHUO0A610GJF5
YNTL
6
QM8O0SK8HUFEL1GFF
SDGZWS9
WT7OFUJ3YR8DBJIO1Y2MX57ANLUYUJE0QT7USV1
------=_NextPart_000_003E_01D69986.D7784860--My assumptions:
- a letter to control a bot or trojan;
- a letter from a prospective employer who is looking for talent, this has already happened in the history of IT /
Similar questions
T
B
A
K
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question