Accepted 76561198094932692 (sensei33@kinguin)

Accused:
| steamname: sensei33@kinguin
| steam3ID: [U:1:134666964]
| steamID32: STEAM_0:0:67333482
| steamID64: http://steamcommunity.com/profiles/76561198094932692
| customURL: http://steamcommunity.com/id/senseithirtythree
| steamrep: http://steamrep.com/profiles/76561198094932692

Target:
| steamname: аdvicebanana
| steam3ID: [U:1:23045495]
| steamID32: STEAM_0:1:11522747
| steamID64: http://steamcommunity.com/profiles/76561197983311223
| customURL: http://steamcommunity.com/id/advicebanana
| steamrep: http://steamrep.com/profiles/76561197983311223

What happened?
Told me he needed me as a fifth player in his team, then linked me to a Teamspeak server that tried to get me to install malware. When I told him, he denied the whole thing and blocked me.

malicious TS server info:

Code:

$ nslookup 89.108.87.54
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
54.87.108.89.in-addr.arpa       name = dkypiiatobgmail.com.dedic.renter.ru.

Authoritative answers can be found from:

$ whois 89.108.87.54
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '89.108.80.0 - 89.108.95.255'

% Abuse contact for '89.108.80.0 - 89.108.95.255' is '[email protected]'

inetnum:        89.108.80.0 - 89.108.95.255
netname:        AGAVACOMPANY
descr:          Agava JSC
country:        RU
admin-c:        AN2353-RIPE
tech-c:         AN2353-RIPE
status:         ASSIGNED PA
mnt-by:         AGAVA-MNT
created:        2006-07-03T11:58:12Z
last-modified:  2006-07-04T10:09:43Z
source:         RIPE # Filtered

role:           AGAVA NOC
address:        AGAVA JSC
address:        2nd Khutorskaya str., 38A, s17
address:        127287 Moscow
address:        Russia
phone:          +7 495 4081790
phone:          +7 495 4086755
fax-no:         +7 495 4081790
remarks:        ----------------------------------------------------
remarks:        AGAVA is available 24 x 7
remarks:        ----------------------------------------------------
remarks:        Points of contact for AGAVA Network Operations
remarks:        ----------------------------------------------------
remarks:        Routing and peering issues:       [email protected]
remarks:        SPAM and Network security issues: [email protected]
remarks:        Customer support:                 [email protected]
remarks:        ----------------------------------------------------
admin-c:        ES5000-RIPE
tech-c:         ES5000-RIPE
nic-hdl:        AN2353-RIPE
abuse-mailbox:  [email protected]
mnt-by:         AGAVA-MNT
created:        2006-06-29T10:39:04Z
last-modified:  2013-10-30T21:06:16Z
source:         RIPE # Filtered

% Information related to '89.108.87.0/24AS43146'

route:          89.108.87.0/24
descr:          Agava CS
origin:         AS43146
mnt-by:         AGAVA-MNT
created:        2014-12-04T12:56:36Z
last-modified:  2014-12-04T12:56:36Z
source:         RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.82 (DB-2)

Virustotal on the link and the file:
https://www.virustotal.com/en/url/c...2c8fc6ebdaeddf119e92cc3b0565c7eac23/analysis/
https://www.virustotal.com/en/file/...0f0c5c82d001686207122d7a77204db94aa/analysis/

Screenshots:
http://files.f-o-g.eu/04af21
http://files.f-o-g.eu/e0bg51
http://files.f-o-g.eu/bd4605
http://files.f-o-g.eu/5717f2

 

Thank you for the report.

Hidden Content:

**Hidden Content: Content of this hidden block can only be seen by members of (usergroups: Legacy Trade Moderator).**