Dear Mr Vova Kuchkovskyi,
We have received information regarding spam and/or abuse from ncsc-fi-autoreporter@traficom.fi.
This is an information email only and does not require any further action on your part.
It is your choice whether or not to investigate the complaint.
We do not expect any response.
Information:
NCSC-FI has received information regarding IP-addresses in your network which may have security problems. The information regarding the problems is included as an attachment in CSV format. Data lines have the following format:
asn|ip|source time|domain name|cc|type|uuid|info
Here cc refers to the country code, type to the type of the security problem, and uuid is the unique identifier of the event in Autoreporter. The info column is reserved for any additional information. The column always includes an anonymous identifier for the datasource that is used in the report. All timestamps are given in UTC.
This report is electronically signed using the PGP-key of Autoreporter. The key is available at
https://www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/NCSC-FI_AUTOREPORTER_2019-2024.txt
For more information on the reported events please contact NCSC-FI.
Network:
— — asn: 24940
— — ip range:
Report:
— — start UTC time: 2021-03-05 07:00:06Z
— — end UTC time: 2021-03-06 07:00:08Z
24940|95.216.29.183|2021-03-05 08:46:29Z||FI|bot|9c1555ff-3795-4cd2-ab19-134358f17dbf|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC
24940|95.216.29.183|2021-03-05 13:33:52Z||FI|bot|d8df2096-8ba2-4286-82e7-3085d40f3250|Datasource: b, Malware: unspecified bot, C&C Dns: anxmalls.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 50325
24940|95.216.29.183|2021-03-05 08:46:25Z||FI|bot|a1ff6a70-6d69-4114-8e8f-d6c6b40c156f|Datasource: b, Malware: avalanche, C&C Dns: olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 64076
24940|95.216.29.183|2021-03-06 18:49:39Z||FI|bot|88d52af2-25cb-475f-9711-a4dcef22eb67|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC
24940|95.216.29.183|2021-03-06 00:54:13Z||FI|bot|47ec4a4f-f0cd-4fa9-a2b0-d40a300da6d8|Datasource: b, Malware: unspecified bot, C&C Dns: comcasj.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 56395
24940|95.216.29.183|2021-03-06 18:49:38Z||FI|bot|693e0fdf-20ec-46cc-a059-d3935d155083|Datasource: b, Malware: avalanche, C&C Dns: autoconfig.olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 62422
24940|95.216.29.183|2021-03-08 21:43:30Z||FI|bot|99767551-0497-42c8-93ec-748b8f3690f4|Datasource: b, Malware: unspecified bot, C&C Dns: comcasj.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 57639
24940|95.216.29.183|2021-03-09 04:06:20Z||FI|bot|37ab29e5-4556-4bf8-b040-90f8b72d5827|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC
24940|95.216.29.183|2021-03-09 01:12:26Z||FI|bot|3422df4d-107a-46b7-8115-bac98174247a|Datasource: b, Malware: unspecified bot, C&C Dns: believesex.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 51069
24940|95.216.29.183|2021-03-09 04:06:19Z||FI|bot|3488cd62-cc6e-4cad-8fc6-6752e9a327ee|Datasource: b, Malware: avalanche, C&C Dns: autoconfig.olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 59407
24940|95.216.29.183|2021-03-10 22:02:50Z||FI|bot|b95d2825-c713-4051-8c6b-65c4e4559d47|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC
24940|95.216.29.183|2021-03-10 22:02:43Z||FI|bot|8538ab0e-396e-4f93-84ab-c09b18323ff5|Datasource: b, Malware: avalanche, C&C Dns: olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 59011
24940|95.216.29.183|2021-03-10 21:54:08Z||FI|bot|dee883a9-36c7-4e31-8161-4b31dcb17aa4|Datasource: b, Malware: unspecified bot, C&C Dns: believesex.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 54704
24940|95.216.29.183|2021-03-11 00:04:59Z||FI|bot|b77c9040-5ef3-4bd2-a50d-cbcf121a25f3|Datasource: b, Malware: unspecified bot, C&C Dns: believesex.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 57841
24940|95.216.29.183|2021-03-11 19:40:23Z||FI|bot|c3063d2c-6eb3-4281-817d-f94a815def5f|Datasource: b, Malware: avalanche, C&C Dns: autoconfig.olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 57921
24940|95.216.29.183|2021-03-12 00:56:15Z||FI|bot|25ac7a91-af49-4d69-8716-656ac406f8d2|Datasource: b, Malware: unspecified bot, C&C Dns: retrmailse.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 61508
24940|95.216.29.183|2021-03-13 07:24:54Z||FI|bot|84170d66-d58f-4d17-b5c9-7cb73b5e40dd|Datasource: b, Malware: unspecified bot, C&C Dns: finaljudgedomain.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 57036
24940|95.216.29.183|2021-03-13 20:41:35Z||FI|bot|b5d86e98-8d92-4c73-acef-a64f07455af8|Datasource: b, Malware: avalanche, C&C Dns: autoconfig.olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 52765
24940|95.216.29.183|2021-03-14 22:22:58Z||FI|bot|f302d333-2eac-4f78-a1c6-5cff108607bd|Datasource: b, Malware: unspecified bot, C&C Dns: finaljudgedomain.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 60620
24940|95.216.29.183|2021-03-15 14:56:46Z||FI|bot|72b54e14-872c-4b71-8566-b04f4b9ebcee|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC
24940|95.216.29.183|2021-03-15 03:12:42Z||FI|bot|c0e57413-0c79-4911-933b-697e3c680347|Datasource: b, Malware: unspecified bot, C&C Dns: anxmalls.com, C&C Ip: 87.106.18.122, C&C Port: 80, Source Port: 60738
24940|95.216.29.183|2021-03-15 14:56:41Z||FI|bot|518b8f92-ba64-438b-a099-bdd4ae391646|Datasource: b, Malware: avalanche, C&C Dns: olo4lol.uni.me, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 63889
Important note:
When replying to us, please leave the abuse ID [AbuseID:83E311:21] unchanged in the subject line.
