Brasília, 02 fevereiro 2011
Informamos que houve um cancelamento provisório em seu título eleitoral.
O motivo do cancelamento foi uma irregularidade em seu Cadastro de Pessoa Física (CPF), a qual motivou o cancelamento do mesmo, e também de seu título eleitoral.
Para saber mais detalhes sobre esta irregularidade, e quais providências tomar, leia o regulamento clicando no link abaixo.http://recadastram[REMOVED].com/regulations
All the rights reserved for the Superior Court of Eleitoral
Phishing capture
As soon as the unsuspecting user clicks on the link, a Trojan file named regulamento_tse will be downloaded and executed from http://recadastram[DELETED].com/regulamentos/regulamento_tse.scr. The capture shows the local analysis of the download that is identified as malicious by 3 antivirus engines.Malicious download
The Trojan seems to have been developed in Brazil in Visual Basic 6 language:The domain used, as it is recorded, has been registered two days ago:
From Segu-Info we proceeded to report the domain in WOT, to the link that leads to the download in Phishtank, and also the IE Smartscreen, and in FireFox with Google Safebrowsing.Domain name: recadastram[REMOVED].com
Name Servers: ns1.softlayer.com ns2.softlayer.com
Creation date: 30 Jan 2011 18:12:00
Expiration date: 30 Jan 2012 13:12:00
Raúl de la Redacción de Segu-Info
