How could a RAT or keylogger have gotten onto the system?

DewilBlaze

So, yesterday my e-mail was stolen and money was withdrawn from my saved bank card. I got those matters sorted out somehow.
But I wanted to figure out how I got hit by a RAT or keylogger.
It sends my username and password from my Outlook account to its own account.
How could it have done this?



It also sent the following.

Code:
DS3PEPF000099D7.mail.protection.outlook.com rejected your message to the following email addresses:

[email protected]
A communication failure occurred during the delivery of this message. Please try to resend the message later. If the problem continues, contact your email admin.

DS3PEPF000099D7.mail.protection.outlook.com gave this error:
Requested action not taken: mailbox unavailable (S2017062302).

Diagnostic information for administrators:

Generating server: PAXP194MB1469.EURP194.PROD.OUTLOOK.COM
[email protected]
DS3PEPF000099D7.mail.protection.outlook.com
Remote server returned '550 5.5.0 Requested action not taken: mailbox unavailable (S2017062302).'
Original message headers:

ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=az38ksWS61Px37XjyUrZCxw7xVnATTzy3fPKRs/z1naEbKyWGCvYkf4PUA+SAG4mnKplqyNF1V5JNQ6kdP2/8l5pGmyTx3qCZtQEahbOnqShAJLfqHDac1XESDo5OMFrS5bmE0zXoaXbwCwq+Ciyu221KJ5KGK/qPRCuIYhRwF1+F4KtBed9VGH2T5BC383J7jgTVIqPZz8wJ4Ik9TIaNHS9y3Az5EGJaxpau+TOVzID2xSCz4Azd2dFz5tYDikBtHVKpJ6EzMimGe9VkYSMqoQpGMdzPfwyFpNKLpmpgS0iKOcUK4M+WE12yGkIqCI+7ElDQxgC5rx+qk9pCJUQTg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=v7dAECbrbAhstxIG/C/UMyBHAYzJmV9msVGiC12TxKw=;
 b=Npz7HFZHXWjPNQodZeyH4qGfGS+l4sjvmWCxPYIBuqb5cXk0yNz9uNEofivJg04Jnx+2jNMTjSSrFhBVIX/t2yZAFzS2BGt1zl6Bfj0fRpD7f4l6k70hwbUp6f4/E+hlLhXbt6fmQWvrjUPf4dlCe5CWiGqYPJpA1rCZzZ0f0Jy4bopPznU1H8fhZ+k4H0fchbN1tvKUKSgQboFH6AKZhyHRBEDlnhBU/KNrbgm/XZ14MJNh5A8+B/smFbgUXCJrUo6YuT1N0JeWQICUpTvQeBlbDgJOYW3SKWCF17ivqhUpQDjG0iQJKoPs8BV+K1Qsrj6+LijwF+Sb+Hv5ag0jgg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=v7dAECbrbAhstxIG/C/UMyBHAYzJmV9msVGiC12TxKw=;
 b=uH6boLVuVa+AGrdROuXy8Vg5zYHhrmdjTMVB9ua3P2h4fkV9ULXgs33L5tnQapXS9YbsrdazP3AKvwQNYqhONoUnkA2Hu+i4St8CEYwPU2zm1mMnjW30IkWKJiw/UiI65ztiUU1rr1OItr+oLBYAa76GHsiCuBOEyoZBFvmF3HmHO8UFmyX3J65i/z0koD5Hhy7j+DFFj8T2FWJ/omLQNDnXfBuVsIqrx7+sm8g5zxJ0SqaYRto5X8wE89sYnsoJfZAqIgElHTU4CHrvdFTippmBTfsrH9e4kQEAZjLAtJ5vIMkbcJJELAKRGg8rfmo3eCsGD/FA1XNPrT2ITVmtRw==
Received: from DU0P194MB1820.EURP194.PROD.OUTLOOK.COM (2603:10a6:10:3bb::12)
 by PAXP194MB1469.EURP194.PROD.OUTLOOK.COM (2603:10a6:102:1a8::21) with.
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.49; Sat, 11 May.
 2024 01:12:28 +0000
Received: from DU0P194MB1820.EURP194.PROD.OUTLOOK.COM
 ([fe80::7b11:22dc:a145:c2cd]) by DU0P194MB1820.EURP194.PROD.OUTLOOK.COM
 ([fe80::7b11:22dc:a145:c2cd%5]) with mapi id 15.20.7544.048; Sat, 11 May 2024.
 01:12:28 +0000
From: [email protected]
To: [email protected]
Subject: Smtp.
Date: 11/05/2024 02:12
Content-Type: text/plain
X-TMN: [xddk9qyaOoVDwuqm7Phf9ct3J8t+0CeM]
X-ClientProxiedBy: LO2P265CA0472.GBRP265.PROD.OUTLOOK.COM
 (2603:10a6:600:a2::28) To DU0P194MB1820.EURP194.PROD.OUTLOOK.COM
 (2603:10a6:10:3bb::12)
Return-Path: [email protected]
Message-ID: <DU0P194MB1820E1A5E923A79245D53793AAE02@DU0P194MB1820.EURP194.PROD.OUTLOOK.COM>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email.
X-MS-TrafficTypeDiagnostic: DU0P194MB1820:EE_|PAXP194MB1469:EE_
X-MS-Office365-Filtering-Correlation-Id: 16629431-4404-4f94-3524-08dc71576cc7
X-Microsoft-Antispam:
 BCL:0;ARA:14566002|461199019|3430499023|440099019|3412199016;
X-Microsoft-Antispam-Message-Info:
 p9SNHZCczhrXxBoRp6yEI7tAaBOdxAo1DBMEL8x63Ez5F+w25A3mQG5nOBzA+YPdxhWJl9vjvQKMIP2IZHyA+NQvg5drOafPH4GXkD6Ro3VL52Cq8pEdhpSNf7qoLK2WPN1925lASaOZl1juwMnYGR24cVG9Yioq969tFvDcchc8Wyg4L6X2MStTy248y0jWJCvlPTQCcIuT7NAZYL+9BsI9RYyA66tVduptK5jlTlxWQLL04b4ofVpCZmSjim433Iy9JTKMVCGb+43Wr3yJOHQm11YURHzS7oQTTbXJInJd20TUBw6uxi3qSJwrLoYYWHMY++VXtjWB7UCYR3iuFVeQDaH7jeg1Azpvs8Nfxqd+hXWuGslVglZ9l/1DBYAiPd2QNkbTQApZ1U96KDXbiahm6mTbNte2aiDJNAcDjx08kc70HvaFAIvEFpM/UqS8C/NP2aAueNPQfp6acRpAAg9ZlrvlKE+6cA0DWMslzb8xna47M/HWTPPAEDwDzmFilp7U0O24UBocGU5WvNiV70FwqGhP5SelvgJbjJetEozGvR09w1K1BxGkxwOPuQKg
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-84264.templateTenant
X-MS-Exchange-CrossTenant-Network-Message-Id: 16629431-4404-4f94-3524-08dc71576cc7
X-MS-Exchange-CrossTenant-AuthSource: DU0P194MB1820.EURP194.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal.
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2024 01:12:28.2427
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted.
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:
 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXP194MB1469
 
Last edited by a moderator:
You may have visited a site that had BeEF injected into it. Or the database of an account you use has been leaked. Or they got in through your IP address, which was leaked via the peers of a torrent you downloaded.
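Added example, not part of either post: a bounce report like the one in the first post quotes the headers of the message that was sent from the account, and the earliest `Received` hop in them records how that message was submitted. The Python sketch below pulls out those triage fields; the sample report is constructed, and its host names and addresses are placeholders rather than values from the thread.

```python
import email
import re
from email.utils import parsedate_to_datetime

# Constructed sample: layout follows the bounce in the first post; host names
# and addresses are placeholders, not values from the thread.
SAMPLE_NDR = """\
Original message headers:

Received: from HOST-B.example.net (2001:db8::12)
 by HOST-A.example.net (2001:db8::21) with
 Microsoft SMTP Server id 15.20.0.1; Sat, 11 May 2024 01:12:28 +0000
Received: from HOST-B.example.net ([fe80::1]) by HOST-B.example.net
 ([fe80::1%5]) with mapi id 15.20.0.1; Sat, 11 May 2024 01:12:28 +0000
From: owner@example.com
To: recipient@example.org
Subject: Smtp
X-MS-Exchange-CrossTenant-AuthAs: Internal
"""
HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(.+?)\s+id\s+\S+;\s*(.+)$")

def original_headers(ndr_text):
    """Return the headers quoted after 'Original message headers:' in an NDR."""
    _, marker, rest = ndr_text.partition("Original message headers:")
    if not marker:
        raise ValueError("no quoted original headers in this report")
    return email.message_from_string(rest.lstrip())

def received_hops(msg):
    """Parse Received headers, oldest hop first (servers prepend, so reverse)."""
    hops = []
    for raw in reversed(msg.get_all("Received", [])):
        m = HOP.search(" ".join(raw.split()))  # unfold continuation lines
        if m:
            hops.append({"from": m[1], "by": m[2], "with": m[3],
                         "when": parsedate_to_datetime(m[4])})
    return hops

def triage(ndr_text):
    """Summarise who sent what to whom, and how the message was submitted."""
    msg = original_headers(ndr_text)
    hops = received_hops(msg)
    first = hops[0] if hops else {}
    return {"from": msg["From"], "to": msg["To"], "subject": msg["Subject"],
            "submitted_via": first.get("with"), "submitted_at": first.get("when"),
            "auth_as": msg["X-MS-Exchange-CrossTenant-AuthAs"], "hops": len(hops)}

if __name__ == "__main__":
    print(triage(SAMPLE_NDR))
```

In the bounce posted above, the earliest hop is the `with mapi` one, which in Exchange-generated headers marks a message created inside the mailbox service rather than handed over by an outside SMTP server; the account's sign-in activity and mailbox rules are therefore the next things to review.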
 
