Merhabalar, Dün ve bugün "SIPARISLERIMIZ HAKKINDA." konulu mail alıyoruz. Mail içeriğinde 1 adet rar dosyası bulunmakta.
Dosyanın virustotal inceleme raporu https://www.virustotal.com/tr/file/8c4076ce9d6322b5a0f20294e4e2ba217dfcd5110021c39b8cad53737cabf2c1/analysis/1521785756/ Dosyayı WeTranfer üzerinden paylaşıyorum. https://we.tl/8Q0SjoutE5 Ayrıca Mail header bilgisi ektedir. Kullanıcılarımızdan birisi rar dosyası içerisindeki word dosyasını açmış, dosya içi boş gözüküyormuş (korumalı görünümde açmış, korumalı görünümü kaldırmamış) Virüs bulaşmış olabilir mi? Teşekkürler.
Received: from KL1PR0201MB2184.apcprd02.prod.outlook.com (2a01:111:e400:5bf9::33) by HK2PR02MB1153.apcprd02.prod.outlook.com with HTTPS via KL1PR03CA0065.APCPRD03.PROD.OUTLOOK.COM; Thu, 22 Mar 2018 17:18:44 +0000 Received: from HK2PR02CA0194.apcprd02.prod.outlook.com (2603:1096:201:21::30) by KL1PR0201MB2184.apcprd02.prod.outlook.com (2603:1096:802:7::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.588.14; Thu, 22 Mar 2018 17:18:37 +0000 Received: from DB5EUR03FT014.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::204) by HK2PR02CA0194.outlook.office365.com (2603:1096:201:21::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.609.10 via Frontend Transport; Thu, 22 Mar 2018 17:18:36 +0000 Authentication-Results: spf=pass (sender IP is 37.148.208.12) smtp.mailfrom=yelpaze.com.tr; domain.com.tr; dkim=none (message not signed) header.d=none;domain.com.tr; dmarc=bestguesspass action=none header.from=yelpaze.com.tr; Received-SPF: Pass (protection.outlook.com: domain of yelpaze.com.tr designates 37.148.208.12 as permitted sender) receiver=protection.outlook.com; client-ip=37.148.208.12; helo=mail.teknikistanbul.org; Received: from mail.teknikistanbul.org (37.148.208.12) by DB5EUR03FT014.mail.protection.outlook.com (10.152.20.102) with Microsoft SMTP Server id 15.20.567.16 via Frontend Transport; Thu, 22 Mar 2018 17:18:33 +0000 Received: from TEST ([176.55.73.163]) by teknikistanbul.org with MailEnable ESMTP; Thu, 22 Mar 2018 20:13:14 +0300 From: "[email protected]" <[email protected]> Subject: SIPARISLERIMIZ HAKKINDA. To: domain <[email protected]> Content-Type: multipart/mixed; boundary="InWgD647uX9EpM785IxU=_rjnMkBMN00RN" MIME-Version: 1.0 Organization: [email protected] Date: Thu, 22 Mar 2018 19:18:38 +0200 Message-ID: <82d972cd-c381-466b-a142-b472ba9e3...@db5eur03ft014.eop-eur03.prod.protection.outlook.com> Return-Path: [email protected] X-MS-Exchange-Organization-Network-Message-Id: 1667b309-8a59-4d50-547a-08d59018f0fa X-EOPAttributedMessage: 0 X-EOPTenantAttributedMessage: d0eb9e21-a353-4bd4-bc05-7883dc2f06e3:0 X-MS-Exchange-Organization-MessageDirectionality: Incoming X-Forefront-Antispam-Report: CIP:37.148.208.12;IPV:NLI;CTRY:;EFV:NLI;SFV:NSPM;SFS:(8156002)(2990300002)(438002)(199004)(189003)(956003)(3480700004)(104016004)(356003)(7636002)(8676002)(564344004)(86582002)(106466001)(106002)(33964004)(31696002)(2476003)(74482002)(1096003)(26005)(7116003)(31686004)(33896004)(5660300001)(44144004)(21480400003)(5000100001)(336012)(450100002)(27350400002)(4610100001)(6692004)(36916002)(246002)(33003)(16586007)(5890100001)(74316002)(9686003)(86362001)(6666003)(4001590100001)(84326002)(568964002)(6862004)(30626003)(27490500001);DIR:INB;SFP:;SCL:1;SRVR:KL1PR0201MB2184;H:mail.teknikistanbul.org;FPR:;SPF:Pass;PTR:teknikistanbul.org;A:1;MX:1;LANG:tr; X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03FT014;1:m5whhnItWO5zvXMK3zN8zrtxd1leWPoW6Ofihoc4HClEwEnrQedcoSwPtjCZoZDMxn26kBLc/WSlPTVe8C119KvHeAh3oYTy3z/0uK8gqmzLhlY3hoXVTjkbAvhXVkVa X-MS-Exchange-Organization-AuthSource: DB5EUR03FT014.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1667b309-8a59-4d50-547a-08d59018f0fa X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(5600026)(4604075)(4605076)(4608076)(49563074)(1401096)(1414027)(71702078);SRVR:KL1PR0201MB2184; X-Microsoft-Exchange-Diagnostics: 1;KL1PR0201MB2184;3:5LadJmzyuc0PN2nezoY8Y513njHBbVN4h/chbhlEEQdl4btYBRP8aDsDKBrtJPi7hz8nQQtoiROiefqye2tIfn6KUmC6DzcmJF62F/PCDzI/LSQgfwTzQophG0z9tcIQ/baSJKOWCGdD3XiqMb1uONO38ZP2E1Uxq+rDbaTn2GAolBQSlN+fvHvlwljzhVE2MjI1545YLPZHJ4r9JsDT9QYde5hd/DlNqHoGEjNP/wnx53qNw7StjygkmB2Dn6kX8Bm5T+AYQ45hOJRKvq009w5BuMrMKEj1+jfAzJSfndnW90SSE8q5fIvrs7fP7Ew241p+1doaGVAEJ25bLOqDZg==;25:3tKd2RtnRjD4IJrx8/XcmHx5KPVtOcPlpdKPj25wZ7lc99ECjDHAwyJ+Xu4yf3HOvrZANqIf8SjG2PLve4P/sn9KVVwazOjmNsmsu+nmwIBPjwWqlG4i/wTvKCKRRwWP5QQyl4LSuM4lAXZxFoPLzdus1GGZFkMFQAHJNZBkePzdXvIjiWnGrCu00qu5DRtdE9+ko9GNkBPCLpLl0pDuCOV47l9KT/dE5zVJ8xKRJWApt7wjQ8MAaMKwff0giCPECu5BstygmrZ/c1bPhBWOTvCZ4HfJ/3TbjpoK5vkJRpzoqDHMVgaN9YWzuKvLaJKaIAQsf27fLpZqGpqNzC7p6Q==;31:dYVr2lPPLHQK6ILhxRpu3yXVbBeUQKCJnDPduiMsUQ2oqZCCQ8XXmZWjW5mwChQh/+hV9hTGKLB6NsS3V9cIMP9ojCuu9o5LOT9AseDQkc901v/AzyDm3NoLryL1YEOCmkgr+sUkjU093/iym4UTUASVk3GUw0KTqkDefEmPr0wBvgReYxekJDHXILVyXerrL/XMPQIxrew8OMGIMWn9Se1wy1b0fKT5Gzsz1Dh75Ts= X-MS-TrafficTypeDiagnostic: KL1PR0201MB2184: X-Microsoft-Exchange-Diagnostics: 1;KL1PR0201MB2184;20:rvM2M9Q14Gqr50wKG794NeyXFM8DW8lpfcIM3HyvnxquK4iDsEZ5mRQigmCr7Ay1tmAmxPUoMJExN3iLDbQwsa4UaY3qKGp1xKPVXVM0ZRJE2OlC2CaMSpLouOgJHumJcHuHcdHBsA854MHJSSOMV6xTapk77WjnUwnLR82317E8+q48GpTsb6EanCDJTCS7RGViyYMtmCKmF0ClFoFTMM7eoI6R1ORn71ZMJe8y77YWXFMpVNKxenYuU7F1MWSnKUhlg6yL6hidBoSbZpMlqgpBFDjWcuFaJodDKGSjx61BIp74k00jv0XlXLQdan4l+swQaYxZgao3hiH2UuzKBsBVDMdd65q/c2Nx2PGixqBopf7vVI7Q1Hq/mJvMqNJWsEnhVd2B6kXRijd8kNcOHu8UI+slTA0oY6kX7VwVDyNAg7snqHwa3bhh5WWizIsJTwW8nBkmS3Dg+0wx6oUx0gregh7CYLkisGuFkIEzJimgucdDDv0eogqfkkB3I1yx;4:Dot/svQHNg2oL2s4dXXVsDfFvuq38FQ7DF+7P5xGAFRR7r6AQtrnA4iN+GqoBAAjybr+fQQgumckqge2x14iyHWE7wthhUYudyiIE4EajBoRW6hyibOA2gtDh0FUMGK3/S3Jxlj9abVLhbP4yH5OcnbRwfjsFeQNXNu5HqtcF5W34y7/5Eeh7gs4GERWxZ0XcwAb/iVm9/dTeOXjSxcYD5xkHXr7I8cLTlW4tjljC5pt9ifOWx3+qqpfRO1bjGy7UJn2G6W4VMEYKh8QTFlWBw== X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(102415395)(7630418)(2401047)(8121501046)(7631346)(7632307)(7633261)(1430347)(1431041)(1432103)(1551027)(9101536074)(93006095)(93004095)(3231221)(902075)(903095)(944500087)(944510158)(944921075)(946801075)(946901075)(52103095)(52105095)(52106095)(52401095)(52601095)(52505095)(52406095)(3002001)(10201501046)(1610001)(8301001075)(8301003183)(201708071742011);SRVR:KL1PR0201MB2184;BCL:0;PCL:0;RULEID:;SRVR:KL1PR0201MB2184; X-MS-Exchange-Organization-SCL: 1 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;KL1PR0201MB2184;23:mU0PPmgwKZwFPv6gLPznVNZBYLoEcXLXyXJPk82?= =?us-ascii?Q?D1RH5NM2+1T2dx/TrnBXZF+wNOzAyaqQvLtOBXHlDvDhUKfBGwZ/9Y7YOIfH?= =?us-ascii?Q?2IiBwLqMtZi/U5D5sI2u0zhcxUfThUoD5Bn75kPefTNskpTIafwaLIzSvkR9?= =?us-ascii?Q?aZmGQWAo3CUHX8WZBVqhOjekDlCE5wRYbDL3pQttruR1/6Uj4o2/zKVYamSL?= =?us-ascii?Q?LJG/jHesGvXHGBcPQB0rqWNoV+D9maFV0LedoB5jtwBQPUxbSCwwsEnp6vod?= =?us-ascii?Q?R6rqFKwXKotnkol4CKtVwQ4LHUiGU6FjgKE2NDAExbYY+w/3IvReDpTc/qrb?= =?us-ascii?Q?Y0rkwIuTR8OnMgIWmRSiT2yoRcTtp2oV6GOOasqdYvkkVQ89QJNB4gKp3tYi?= =?us-ascii?Q?/oDiwB47i3wd3hFVgTJsFWyytwjam3FJUVVVzPZwfSAaMdrNZnzb9qNIcuOy?= =?us-ascii?Q?oyJe57sJ2ut6jvCUvusnm6MCcCVIp67ha0+iEf5qhaBqYqxYpR07a8rG5PJw?= =?us-ascii?Q?+I9hdb7btSjDnWlSL4xkBtrvKmOJaHtGSrRCRFnUp/EfYO2Va3W0nB0Evvrc?= =?us-ascii?Q?XBmXeEq6zvsx+hqfwhhH45XNyzsWTb/KwlvOH40r9k1x3gKynPa0spwWggbA?= =?us-ascii?Q?JWo/pWjJPLfRca+bRNurZH6lueQgWFGk70d1crHunnml68jZTL7S5NxKrhDN?= =?us-ascii?Q?oZkVj3LhXjXPxPdQ5EPYSIssZCqvT+vz8sEuBBq2riCAMIcLisHMU1sRlVBz?= =?us-ascii?Q?OwE87GyeYkNwzivmMTlvjjpbGEcQ+cZtcuxMOz2NVTuRKfnsZtWLLZ7hWrGr?= =?us-ascii?Q?7ktZ0T9eY8eXbFO/J8L1Ms4eC4h9g3xxvDMl8cvKYuofvoK6ZzLBkcg26mF5?= =?us-ascii?Q?8Y66ipz9gjcUgCqcAXqgkEAfy0I+8XHLnHPFqyK78MNF+9WjYj+Ib5fOviqZ?= =?us-ascii?Q?OxlcxucXFbaFdxjao6OgNXKYoe2UHBWDDHBKmrXc86uqMiHCq2zvkjD1t8Xk?= =?us-ascii?Q?SYHVODEpCuW1m8XZbosCUtQLuBSeCpAbJryzMMIbu+2jsqxmIlJzJD5ePsNu?= =?us-ascii?Q?exc5yiddu4lATLLoN0AJF5CD5/oD/nfL8ZHWxs42Q7ShEgfr/ue28OdfngZr?= =?us-ascii?Q?jovPqbWluSJh2zc0danA1OgIznXuJX/RG9wpQ04Dq6WAvLTVxVQ4b5g=3D?= =?us-ascii?Q?=3D?= X-Microsoft-Exchange-Diagnostics: 1;KL1PR0201MB2184;6:uAOrgoXFjs1j6WXLUKHDO6jsNAfH3l3Q1MSfJk5tSrL4Cbyqgq/J/sUiHcYhSaQA9nMH94IRg5PMuwSlGzbGObio5sQLze4xcqGTWAXZyIoZMZIFn/69XkbatT8D04h/ci64mfVPQLdVSisNovD+cxTSGUAXo+NxmI5iREiRh5itwSN/SWEWhSskNJSHtmakavFXNjcyhR3aafQm8F3QBuVfJjIfQxDp5nkno5KZznoZwvoJTYO0ToUSXFoAh5gG+2GWzgNH22R/6mnWdHpjZA7SFAMYNKFCpvnbgQArCq8KrgvEVxQsiWaB9ifXy9lPfsPvvbemE4Y/P8mRz+i6WXkLyN9xvgCHDi03IjGFoV8=;5:qp/rFhFB4qGXYkh/UCZkwvd0qKhPT3b8rsocpXzpUg0f80LcMI2NWyUv+qePi8a0CeXWVd0W8ng1O9r46KwdQGgPvSWfqCfs/l+r6fr2dLmsak5nZMyWd8vBtPeUdTRAuFNUNk9OARcLolQpVyUBuwtSP4arLXlzBDXPPUffkUk=;24:a0IN3Ocdi3lTO+ONJxU7Zu8KX1XBVfLv8TTJ3TrxLWEaecG1oISnMzocd+8K5KhEh3MZ720yRkn28KE63LA9uYhHzXyWYJnj5G0tGqb7gdc=;7:rXwtmCsqTDMMYpCzjF46PHbo6e9fisLsssFkdSCMBGLVuaywStPnkKDpIEvyZ+75Z4ZGd+8pgW7OH5ro8xMZe5TzqiDKxNFL1EcSX9/BLZqxA6tmZ11CdJtF9IjSSkDEud2TB0LAZJ5tENAN0BLNK1JPCA6Nrlfdpf2wMhjlVb9UNYvb2PnMYiT42UhTbUx0oVOmMnUcqAyweOd3jqSM1qhLlWk6PwrHRf/ontyU+4nyxb+tSQgizayZJZEu6hnX SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Mar 2018 17:18:33.0907 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1667b309-8a59-4d50-547a-08d59018f0fa X-MS-Exchange-CrossTenant-Id: d0eb9e21-a353-4bd4-bc05-7883dc2f06e3 X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1PR0201MB2184 X-MS-Exchange-Transport-EndToEndLatency: 00:00:11.3270168 X-MS-Exchange-Processed-By-BccFoldering: 15.20.0609.000 X-Microsoft-Exchange-Diagnostics: 1;HK2PR02MB1153;9:8F/w1kEd91FdsWSdKiC2NlRDWfJVQ+CkJXXJyRQYMgmS+tbpkXuYAZcg3ms2j0zGZIbh9GTNVymS593yL9RgtoLq3PHEJqcc2Jd06s+kW6a4MCFuEnx+UFPmiQ6c2rAE X-Microsoft-Antispam-Message-Info: 128vQiRemqyrSqUsGFoPtxAqljCOAapRhjlgqZ5V6GppS+049WkqP6iK5DFtVYGfjZPa7elEm51puk9KK8iIKU7G6vzAdXREDhfxW/RLJ92T64wsrGUSaWRo3pPkXhU70T3YU5BBOf/jPehCfbkxDLtA02gjx8irTgkkfVFwLvrYqIu51jCR6q+40vyiSAYj/S2o26Iwp5W0pUcNlkE/TwmzUgy4dEtMnggGN+PXOLMR9GxrZtTA8nP1R//zcUIOLG8YSNc/z1fGQfTshuMVpnwJZpekY2uQnaDVYAeIV3mOpVdjXpr15SgFkTMh+Wjn4MK51DUfG2+nJnKF5R4FzPWz1jKYx0GAPbbq64zCt4E= X-Microsoft-Exchange-Diagnostics: 1;HK2PR02MB1153;27:2HUU8zHMQ7MqdYq8FEscUhLBbPXTZnFDP3CyeICxFR9oJ6RKftNI+rEpyb3WkaWIjfyUDHdtLlDqauA6JEPJvIwavPqwsiP0EqCmzevh1xaRdF/3oksDtjVMJnqsFSRr
------------------------------------------------- Firmanızın Siber Risk Skorunu Öğrenmek İster misiniz? https://www.bgasecurity.com/siber-risk-skor-karti-ve-karnesi/ -------------------------------------------------
