API tools faq
paste
Advertisement
James_inthe_box

Trickbot

James_inthe_box
Aug 30th, 2017
775
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.12 KB | None | 0 0
raw download clone embed print report
  1. "PayPal Security Department informs"
  2.  
  3. https://www.virustotal.com/file/b96025a12f379c220c226b4cd8db3073bd265a24fcd7f7c4d684fa7fe0395ddb/analysis/1504112890/
  4.  
  5. http://eurotelecom2000.com/kasgopro.png <- careful
  6.  
  7. Received: from [77.89.151.182] (HELO domain.1.0001.arsmtp.com)
  8. with ESMTP id 164857394 for manager53@domain; Wed, 30 Aug 2017 12:08:36 -0400
  9. Received: from RemoteHostPc (localhost.localdomain [127.0.0.1])
  10. by local_computer_name_DOMAIN with ESMTP
  11. ; Wed, 30 Aug 2017 17:08:47 +0100
  12. dkim-signature: v=1; a=rsa-sha256; d=servicepaypal48.ml; s=default;
  13. c=simple/simple; q=dns/txt; h=From:To:Date:Message-ID:Subject;
  14. bh=CUDtBLb4vGuhYn25F5h3d1oIw+QmS0tGnvIZblsJkJw=;
  15. l=100;
  16. b=1QP38Ix6iTEew4RNeO4lcCMKV4BYx7yyLTRdzWiCZS/uPHvH2WmWSIyW2h7UJKjMMKq4eiziM55BFzg0HJ3FLU8F55C8MevxzD89DE2jdaYYiEbo3P0TlR6vec0BQY7rvsw0QUxbJiwkMt6gaPPTTDuaTvgcNZdzT/9vU76IXNM=
  17. Message-ID: <000001d321b2$a4a88840$edf998c0$@ml>
  18. Date: Wed, 30 Aug 2017 17:08:47 +0100
  19. From: PayPal Security <noreply@servicepaypal48.ml>
  20. To: <user@domain>
  21. Subject: PayPal Security Department informs
  22. MIME-Version: 1.0
  23. Content-Type: multipart/mixed;
  24. boundary="----=_NextPart_000_0001_01D321B2.A0DFC070"
  25. X-Priority: 3 (Normal)
  26. X-Mailer: Microsoft Office Outlook 12.0
  27. Thread-Index: AdMhqkLkfXNxnKGySnaGwVbXhpjk3g==
  28. Content-Language: en-us
  29.  
  30. This is a multi-part message in MIME format.
  31.  
  32. ------=_NextPart_000_0001_01D321B2.A0DFC070
  33. Content-Type: multipart/alternative;
  34. boundary="----=_NextPart_001_0002_01D321B2.A0DFC070"
  35.  
  36.  
  37. ------=_NextPart_001_0002_01D321B2.A0DFC070
  38. Content-Type: text/plain;
  39. charset="US-ASCII"
  40. Content-Transfer-Encoding: 7bit
  41.  
  42. Please download and view Microsoft Word attachment
  43.  
  44. Our records indicatethat you never did not answer to requests for additional information about this claim. We hope you view the attached file and solve the question amicably.
  45.  
  46.  
  47. Sincerely,
  48.  
  49. Protection Services Department
  50.  
  51. PayPal does not tolerate fraud or illegal activities. Your request has been noted in the record of the PayPal user you recorded. If we find this user has violated our confidentiality we will make inquiries and take appropriate action. If this occurs, you may be contacted in the future about the status of this complaint.
  52.  
  53.  
  54. ------=_NextPart_001_0002_01D321B2.A0DFC070
  55. Content-Type: text/html;
  56. charset="US-ASCII"
  57. Content-Transfer-Encoding: quoted-printable
  58.  
  59. <html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
  60. xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
  61. xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
  62. xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
  63. xmlns=3D"http://www.w3.org/TR/REC-html40">
  64.  
  65. <head>
  66. <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
  67. charset=3Dus-ascii">
  68. <meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
  69. <style>
  70. <!--
  71. /* Font Definitions */
  72. @font-face
  73. {font-family:"Cambria Math";
  74. panose-1:0 0 0 0 0 0 0 0 0 0;}
  75. @font-face
  76. {font-family:Calibri;
  77. panose-1:2 15 5 2 2 2 4 3 2 4;}
  78. /* Style Definitions */
  79. p.MsoNormal, li.MsoNormal, div.MsoNormal
  80. {margin:0cm;
  81. margin-bottom:.0001pt;
  82. font-size:11.0pt;
  83. font-family:"Calibri","sans-serif";}
  84. a:link, span.MsoHyperlink
  85. {mso-style-priority:99;
  86. color:blue;
  87. text-decoration:underline;}
  88. a:visited, span.MsoHyperlinkFollowed
  89. {mso-style-priority:99;
  90. color:purple;
  91. text-decoration:underline;}
  92. span.EmailStyle17
  93. {mso-style-type:personal-compose;
  94. font-family:"Calibri","sans-serif"
  95. color:windowtext;}
  96. .MsoChpDefault
  97. {mso-style-type:export-only;}
  98. @page Section1
  99. {size:612.0pt 792.0pt;
  100. margin:2.0cm 42.5pt 2.0cm 3.0cm;}
  101. div.Section1
  102. {page:Section1;}
  103. -->
  104. </style>
  105.  
  106. <!--[if gte mso 9]><xml>
  107. <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
  108. </xml><![endif]--><!--[if gte mso 9]><xml>
  109. <o:shapelayout v:ext=3D"edit">
  110. <o:idmap v:ext=3D"edit" data=3D"1" />
  111. </o:shapelayout></xml><![endif]-->
  112. </head>
  113. <body lang=3DEN link=3Dblue vlink=3Dpurple>
  114. <div class=3DSection1>
  115. <p class=3DMsoNormal><span lang=3DEN-US>Please download and view Micr=
  116. osoft Word attachment<o:p></o:p></span></p>
  117.  
  118. <p class=3DMsoNormal><span lang=3DEN-US><o:p></o:p></span></p>
  119.  
  120. <p class=3DMsoNormal><span lang=3DEN-US>Our records indicatethat you =
  121. never did not answer to requests for additional information about this=
  122. claim. We hope you view the attached file and solve the question amic=
  123. ably.<o:p></o:p></span></p>
  124.  
  125. <p class=3DMsoNormal><span lang=3DEN-US><o:p></o:p></span></p>
  126.  
  127. <p class=3DMsoNormal><span lang=3DEN-US><o:p></o:p></span></p>
  128.  
  129. <p class=3DMsoNormal><span lang=3DEN-US>Sincerely=
  130. ,<o:p></o:p></span></p>
  131.  
  132. <p class=3DMsoNormal><span lang=3DEN-US><o:p></o:p></span></p>
  133.  
  134. <p class=3DMsoNormal><span lang=3DEN-US>Protection Services Departmen=
  135. t<o:p></o:p></span></p>
  136.  
  137. <p class=3DMsoNormal><span lang=3DEN-US><o:p></o:p></span></p>
  138.  
  139. <p class=3DMsoNormal><span lang=3DEN-US>PayPal does not tolerate frau=
  140. d or illegal activities. Your request has been noted in the record of =
  141. the PayPal user you recorded. If we find this user has violated our co=
  142. nfidentiality we will make inquiries and take appropriate action. If t=
  143. his occurs, you may be contacted in the future about the status of thi=
  144. s complaint<o:p></o:p></span></p>
  145.  
  146. </div>
  147. </body>
  148. </html>
  149.  
  150. ------=_NextPart_001_0002_01D321B2.A0DFC070--
  151. ------=_NextPart_000_0001_01D321B2.A0DFC070
  152. Content-Type: application/x-msdownload;tname="=?UTF-8?B?cGF5cGFsMTUzMTI1NzYtMjE0NjUuZG9j?="
  153. Content-Transfer-Encoding: base64
  154. Content-Disposition: attachment; filename="=?UTF-8?B?cGF5cGFsMTUzMTI1NzYtMjE0NjUuZG9j?="
  155.  
  156. 0M8R4KGxGuEAAAAAAAAAAAAAAAAAAAAAPgADAP7/CQAGAAAAAAAAAAAAAAACAAAAeQAAAAAA
  157. AAAAEAAAfAAAAAMAAAD+////AAAAAHgAAACAAAAA////////////////////////////////
  158. ////////////////////////////////////////////////////////////////////////
  159. ////////////////////////////////////////////////////////////////////////
  160. ////////////////////////////////////////////////////////////////////////
  161. ////////////////////////////////////////////////////////////////////////
  162. ////////////////////////////////////////////////////////////////////////
  163. ////////////////////////////////////////////////////////////////////////
  164. ////////////////////////////////////////////////////////////////////////
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!