MOON
Server: Apache
System: Linux server.royaltuning.hu 4.18.0-425.13.1.el8_7.x86_64 #1 SMP Tue Feb 21 04:20:52 EST 2023 x86_64
User: royaltuning (1001)
PHP: 8.2.30
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/royaltuning/mail/.spam/new/
Upload Files
File: /home/royaltuning/mail/.spam/new/1726004093.M436706P3927568.server.royaltuning.hu,S=11226,W=11446
Return-Path: <abualdarwesh@mail2boy.com>
Delivered-To: royaltuning+spam@server.royaltuning.hu
Received: from server.royaltuning.hu
	by server.royaltuning.hu with LMTP
	id DqORGX274GYQ7jsAs5Hlmw
	(envelope-from <abualdarwesh@mail2boy.com>)
	for <royaltuning+spam@server.royaltuning.hu>; Tue, 10 Sep 2024 23:34:53 +0200
Return-path: <abualdarwesh@mail2boy.com>
Envelope-to: no-reply@royaltuning.hu
Delivery-date: Tue, 10 Sep 2024 23:34:53 +0200
Received: from [189.217.88.60] (port=47067 helo=customer-189-217-88-60.cablevision.net.mx)
	by server.royaltuning.hu with esmtp (Exim 4.97.1)
	(envelope-from <abualdarwesh@mail2boy.com>)
	id 1so8Vh-0000000GTjK-00b1
	for no-reply@royaltuning.hu;
	Tue, 10 Sep 2024 23:34:53 +0200
Message-ID: <66E066F2.4030602@mail2boy.com>
Date: Tue, 10 Sep 2024 08:34:10 -0700
From: "lucius shu" <abualdarwesh@mail2boy.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.4) Gecko/20100608 Thunderbird/3.1
MIME-Version: 1.0
To: <no-reply@royaltuning.hu>
Content-Type: multipart/alternative;
 boundary="------------000707060503090600080800"
X-Spam-Status: Yes, score=20.8
X-Spam-Score: 208
X-Spam-Bar: ++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server.royaltuning.hu",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Hell&oacute;! &Eacute;n egy hacker vagyok, aki hozz&aacute;f&eacute;r
    az &Ouml;n oper&aacute;ci&oacute;s rendszer&eacute;hez. Teljes hozz&aacute;f&eacute;r&eacute;ssel
    rendelkezem a fi&oacute;kjaihoz is. 
 Content analysis details:   (20.8 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  3.6 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
                             [189.217.88.60 listed in zen.spamhaus.org]
  4.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
                             [189.217.88.60 listed in zen.spamhaus.org]
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [189.217.88.60 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                          [189.217.88.60 listed in sa-trusted.bondedsender.org]
  0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [189.217.88.60 listed in sa-accredit.habeas.com]
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  1.1 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
  0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail provider
                             [abualdarwesh(at)mail2boy.com]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                             anti-forgery methods
  0.0 BITCOIN_SPAM_03        BitCoin spam pattern 03
  0.2 PDS_BTC_ID             FP reduced Bitcoin ID
  3.2 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                             1)
  2.5 BITCOIN_SPAM_02        BitCoin spam pattern 02
  0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
  2.5 BITCOIN_SPAM_05        BitCoin spam pattern 05
  0.0 SPOOFED_FREEMAIL       No description available.
X-Spam-Flag: YES
Subject:  ***SPAM***  Re:

This is a multi-part message in MIME format.
--------------000707060503090600080800
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

Hell&oacute;!

&Eacute;n egy hacker vagyok, aki hozz&aacute;f&eacute;r az &Ouml;n =
oper&aacute;ci&oacute;s rendszer&eacute;hez.
Teljes hozz&aacute;f&eacute;r&eacute;ssel rendelkezem a =
fi&oacute;kjaihoz is.

M&aacute;r n&eacute;h&aacute;ny h&oacute;napja figyellek t&eacute;ged.
A t&eacute;ny az, hogy megfert&#337;z&#337;dt&eacute;l egy =
rosszindulat&uacute; szoftverrel egy feln&#337;tteknek =
sz&oacute;l&oacute; oldalon kereszt&uuml;l, amit =
megl&aacute;togatt&aacute;l.

Ha nem ismeri ezt, elmagyar&aacute;zom.
A tr&oacute;jai v&iacute;rus teljes hozz&aacute;f&eacute;r&eacute;st =
&eacute;s ellen&#337;rz&eacute;st biztos&iacute;t sz&aacute;momra egy =
sz&aacute;m&iacute;t&oacute;g&eacute;p vagy m&aacute;s eszk&ouml;z =
felett.
Ez azt jelenti, hogy mindent l&aacute;thatok a =
k&eacute;perny&#337;d&ouml;n, bekapcsolhatom a kamer&aacute;t &eacute;s =
a mikrofont, de te nem tudsz r&oacute;la.

Hozz&aacute;f&eacute;r&eacute;sem van az &ouml;sszes kapcsolatodhoz =
&eacute;s az &ouml;sszes levelez&eacute;sedhez is.

Mi&eacute;rt nem &eacute;szlelte a v&iacute;rusirt&oacute;ja a =
rosszindulat&uacute; szoftvereket?
V&aacute;lasz: A malware-em a meghajt&oacute;t haszn&aacute;lja, 4 =
&oacute;r&aacute;nk&eacute;nt friss&iacute;tem az =
al&aacute;&iacute;r&aacute;sait, &iacute;gy a v&iacute;rusirt&oacute;ja =
n&eacute;ma.

K&eacute;sz&iacute;tettem egy vide&oacute;t, amely megmutatja, hogyan =
el&eacute;g&iacute;ti ki mag&aacute;t a k&eacute;perny&#337; bal =
fel&eacute;ben, &eacute;s a jobb fel&eacute;ben l&aacute;tja a =
vide&oacute;t, amelyet megn&eacute;zett.
Egyetlen kattint&aacute;ssal elk&uuml;ldhetem ezt a vide&oacute;t az =
&ouml;sszes e-mail c&iacute;medre &eacute;s a k&ouml;z&ouml;ss&eacute;gi =
h&aacute;l&oacute;zatokon l&eacute;v&#337; kapcsolataidra.
Az &Ouml;n &aacute;ltal haszn&aacute;lt &ouml;sszes e-mail =
levelez&eacute;s&eacute;hez &eacute;s =
&uuml;zenetk&uuml;ld&#337;j&eacute;hez is =
hozz&aacute;f&eacute;r&eacute;st tudok post&aacute;zni.

Ha ezt meg akarja akad&aacute;lyozni,
utalja &aacute;t az 1300 euro(EUR) &ouml;sszeget a bitcoin =
c&iacute;memre (ha nem tudja, hogyan kell ezt megtenni, keressen =
r&aacute; a Google-ban: "Bitcoin v&aacute;s&aacute;rl&aacute;s").

A bitcoin c&iacute;mem (BTC Wallet) a k&ouml;vetkez&#337;: =
1M1KcDueek7seRxMpvyxfAA6GBMUeAoYt

A fizet&eacute;s be&eacute;rkez&eacute;se ut&aacute;n t&ouml;r&ouml;lni =
fogom a vide&oacute;t, &eacute;s soha t&ouml;bb&eacute; nem fogsz =
hallani r&oacute;lam.
A fizet&eacute;sre 50 &oacute;r&aacute;t (t&ouml;bb mint 2 napot) adok.
Van egy &eacute;rtes&iacute;t&eacute;sem arr&oacute;l, hogy ezt a =
levelet olvasod, &eacute;s az id&#337;z&iacute;t&#337; azonnal elindul, =
miut&aacute;n megnyitod.

Panaszt tenni valahol nincs &eacute;rtelme, mert ezt az e-mailt nem =
lehet k&ouml;vetni, mint a bitcoin c&iacute;memet.
&Eacute;n nem k&ouml;vetek el hib&aacute;kat.

Ha &uacute;gy tal&aacute;lom, hogy ezt az &uuml;zenetet megosztottad =
valaki m&aacute;ssal, a vide&oacute;t azonnal terjesztem.

&Uuml;dv&ouml;zlettel!

--------------000707060503090600080800
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>

    <meta http-equiv=3D"content-type" content=3D"text/html; =
charset=3DISO-8859-1">
  </head>
  <body text=3D"#000000" bgcolor=3D"#ffffff">
    <p>Hell&oacute;!<br /><br />&Eacute;n egy hacker vagyok, aki =
hozz&aacute;f&eacute;r az &Ouml;n oper&aacute;ci&oacute;s =
rendszer&eacute;hez.<br />Teljes hozz&aacute;f&eacute;r&eacute;ssel =
rendelkezem a fi&oacute;kjaihoz is.<br /><br />M&aacute;r =
n&eacute;h&aacute;ny h&oacute;napja figyellek t&eacute;ged.<br />A =
t&eacute;ny az, hogy megfert&#337;z&#337;dt&eacute;l egy =
rosszindulat&uacute; szoftverrel egy feln&#337;tteknek =
sz&oacute;l&oacute; oldalon kereszt&uuml;l, amit =
megl&aacute;togatt&aacute;l.<br /><br />Ha nem ismeri ezt, =
elmagyar&aacute;zom.<br />A tr&oacute;jai v&iacute;rus teljes =
hozz&aacute;f&eacute;r&eacute;st &eacute;s ellen&#337;rz&eacute;st =
biztos&iacute;t sz&aacute;momra egy =
sz&aacute;m&iacute;t&oacute;g&eacute;p vagy m&aacute;s eszk&ouml;z =
felett.<br />Ez azt jelenti, hogy mindent l&aacute;thatok a =
k&eacute;perny&#337;d&ouml;n, bekapcsolhatom a kamer&aacute;t &eacute;s =
a mikrofont, de te nem tudsz r&oacute;la.<br /><br =
/>Hozz&aacute;f&eacute;r&eacute;sem van az &ouml;sszes kapcsolatodhoz =
&eacute;s az &ouml;sszes levelez&eacute;sedhez is.<br /><br =
/>Mi&eacute;rt nem &eacute;szlelte a v&iacute;rusirt&oacute;ja a =
rosszindulat&uacute; szoftvereket?<br />V&aacute;lasz: A malware-em a =
meghajt&oacute;t haszn&aacute;lja, 4 &oacute;r&aacute;nk&eacute;nt =
friss&iacute;tem az al&aacute;&iacute;r&aacute;sait, &iacute;gy a =
v&iacute;rusirt&oacute;ja n&eacute;ma.<br /><br =
/>K&eacute;sz&iacute;tettem egy vide&oacute;t, amely megmutatja, hogyan =
el&eacute;g&iacute;ti ki mag&aacute;t a k&eacute;perny&#337; bal =
fel&eacute;ben, &eacute;s a jobb fel&eacute;ben l&aacute;tja a =
vide&oacute;t, amelyet megn&eacute;zett.<br />Egyetlen =
kattint&aacute;ssal elk&uuml;ldhetem ezt a vide&oacute;t az &ouml;sszes =
e-mail c&iacute;medre &eacute;s a k&ouml;z&ouml;ss&eacute;gi =
h&aacute;l&oacute;zatokon l&eacute;v&#337; kapcsolataidra.<br />Az =
&Ouml;n &aacute;ltal haszn&aacute;lt &ouml;sszes e-mail =
levelez&eacute;s&eacute;hez &eacute;s =
&uuml;zenetk&uuml;ld&#337;j&eacute;hez is =
hozz&aacute;f&eacute;r&eacute;st tudok post&aacute;zni.<br /><br />Ha =
ezt meg akarja akad&aacute;lyozni,<br />utalja &aacute;t az 1300 =
euro(EUR) &ouml;sszeget a bitcoin c&iacute;memre (ha nem tudja, hogyan =
kell ezt megtenni, keressen r&aacute; a Google-ban: "Bitcoin =
v&aacute;s&aacute;rl&aacute;s").<br /><br />A bitcoin c&iacute;mem (BTC =
Wallet) a k&ouml;vetkez&#337;: 1M1KcDueek7seRxMpvyxfAA6GBMUeAoYt<br =
/><br />A fizet&eacute;s be&eacute;rkez&eacute;se ut&aacute;n =
t&ouml;r&ouml;lni fogom a vide&oacute;t, &eacute;s soha =
t&ouml;bb&eacute; nem fogsz hallani r&oacute;lam.<br />A =
fizet&eacute;sre 50 &oacute;r&aacute;t (t&ouml;bb mint 2 napot) adok.<br =
/>Van egy &eacute;rtes&iacute;t&eacute;sem arr&oacute;l, hogy ezt a =
levelet olvasod, &eacute;s az id&#337;z&iacute;t&#337; azonnal elindul, =
miut&aacute;n megnyitod.<br /><br />Panaszt tenni valahol nincs =
&eacute;rtelme, mert ezt az e-mailt nem lehet k&ouml;vetni, mint a =
bitcoin c&iacute;memet.<br />&Eacute;n nem k&ouml;vetek el =
hib&aacute;kat.<br /><br />Ha &uacute;gy tal&aacute;lom, hogy ezt az =
&uuml;zenetet megosztottad valaki m&aacute;ssal, a vide&oacute;t azonnal =
terjesztem.<br /><br />&Uuml;dv&ouml;zlettel!</p>
  </body>
</html>

--------------000707060503090600080800--
@ Telegram