We have received information regarding spam and/or abuse from ncsc-fi-autoreporter@traficom.fi.
This is an information email only and does not require any further action on your part.
It is your choice whether or not to investigate the complaint.
We do not expect any response.
Information:
NCSC-FI has received information regarding IP-addresses in your network which may have security problems. The information regarding the problems is included as an attachment in CSV format. Data lines have the following format:
asn|ip|source time|domain name|cc|type|uuid|info
Here cc refers to the country code, type to the type of the security problem, and uuid is the unique identifier of the event in Autoreporter. The info column is reserved for any additional information. The column always includes an anonymous identifier for the datasource that is used in the report. All timestamps are given in UTC.
This report is electronically signed using the PGP-key of Autoreporter. The key is available at
https://www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/NCSC-FI_AUTOREPORTER_2019-2024.txt
For more information on the reported events please contact NCSC-FI at cert@traficom.fi.
Network:
— — asn: 24940
— — ip range:
Report:
— — start UTC time: 2022-10-23 06:00:06Z
— — end UTC time: 2022-10-24 06:00:08Z
iQIzBAEBCgAdFiEEg1mZyDyMiOAxIHs40THbfFWUSSwFAmNWKekACgkQ0THbfFWU
SSyCRA//Y+AW0qsp2BB22b/hLBsxS0ebapLGn8YFkeUauMeJtfYlR40bow3d8LSg
cgEbClgFYAqQlJMpuG8LVA4wQK24aPqo1gP2IB2Pt2TBvkC8yYgkwEaDR1eybmMb
Mq0TFZ1cQvkUy5LmpD904l7Dc+ILxfdwJ+C4coP87USis+0HOYMw5PpYXj57JScB
XsLn6hi9HTFDIur+voiC2xgD9xdH783o8fOMndsONdrQzKtWddoJ2lHfAIlYDblP
Si173axBrVEaKCvN5jAFTJ5aMreumJEC8pIGDE6HNxcveEvmaRXHGjq/Z+AMdwzH
t+WvYmbEFSGqGtVSS9lVc7qpHyoHkZ1YdRgzQMyJdZNg6TOp7Mz9WWKz6PHMh/Zt
pMWqGQWfFGPpzArknv9yZjoB5R+CiLyWxFJzjWHykxcwwICLrcLSpZPOpRXqHal6
E1BOV0iIE3eO3uJWeGBfgXsUVQ95VPgzpL8hIV/hPYm7l84vXcFhQuGyD6u8ANnr
WHaoWXm7bJL/BpouWdtYxrPrA1TfnrpgkAjXsvf1/JkdsCqTLaJns/ppCwYNHFQN
giD8SKqY1cO4hcHUSJJUPyNYLVo4C7Lt7kq3jKWLsQIfqcUrpn+3M/xFhiDGDF2M
xAzaKXTixiJzRxIvIRQ7e6xFvzzQIgvPes58RmKZK7mFn+r9r/4=
=YsPD
——END PGP SIGNATURE——
24940|135.181.179.124|2022-10-23 12:07:42Z||FI|bot|7e1d71af-cb4d-44c7-80ec-7388b974167c|Datasource: l, Malware: generic/avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Additional Information: B67-SS-GENERIC, Source Port: 53769
24940|135.181.179.124|2022-10-23 07:22:14Z||FI|bot|1ee350e0-c694-43e1-adfe-74d8d1a72684|Datasource: b, C&C Dns: autoconfig.finaljudgedomain.com, C&C Ip: 87.106.18.122, C&C Port: 80, Http Request: /mail/config-v1.1.xml?emailaddress=bipgraikibece@finaljudgedomain.com, Source Port: 60590
24940|135.181.179.124|2022-10-23 12:07:03Z||FI|bot|5b4f3063-66d8-408b-83e7-392866e06cae|Datasource: b, Malware: avalanche, C&C Ip: 216.218.135.114, C&C Port: 80, Source Port: 59931
