-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hey,
It doesn't seem to be targetted. It looks like your email was sucked into a spamlist to send malware too. For malware researchers, the sample can be obtained over here: https://malwr.com/analysis/YjQ1Y2FjZTcxMTgxNDgwNmE4MWIyYjIzN2RjNWM1YTc/
Jurre
On 02/03/2014 10:33 PM, phrag wrote:
FYI: Just got this to my Tor relay mail address, with a zip file attached extracting to a '.scr' win exe. Curiously routed via a .gov.uk mail relay...
GB03022014.scr: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: dba1e52929f6ca9d1a1bf87e4ff469cf GB2546241.zip MD5: fb1141494829b144b0075035022cfbb9 GB03022014.scr
Samples available on request. Full mail headers attached.
==========
From defeats871@richszabo.com Mon Feb 03 14:06:39 2014 Return-path: defeats871@richszabo.com Received: from [217.109.27.97] (helo=WNACDHPXR) Received: from mail1.bemta14.messagelabs.com by server.justinarcher.net Received: from gateway-102.energis.gsi.gov.uk (HELO mx.hosting-w.gsi.gov.uk) (62.25.106.208) by server-10.tower-205.messagelabs.com X-Env-Sender: gateway.confirmation@gateway.gov.uk
From: gateway.confirmation@gateway.gov.uk To: tor@phra.gs Subject: Your Online Submission for Reference 485/GB2546241 Could not process Date: Mon, 3 Feb 2014 22:16:02 +0100
The submission for reference 485/GB2546241 was successfully received and was not processed. Check attached copy for more information. This is an automatically generated email. Please do not reply as the email address is not monitored for received mail.
==========
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- -- Developer at https://www.useotrproject.org/