
2019-02-21 - Example of malspam pushing Hancitor

malware_traffic, Feb 21st, 2019
2019-02-21 - EXAMPLE OF MALSPAM PUSHING HANCITOR

Received: from crossroadsfinance.com ([24.230.161.134]) by [removed]
    (envelope-from <quickbooks@crossroadsfinance.com>) [removed] for [removed];
    Thu, 21 Feb 2019 16:23:28 +0000
Message-ID: <7CF13603.79F520AD@crossroadsfinance.com>
Date: Thu, 21 Feb 2019 09:23:14 -0700
From: "Intuit Inc." <quickbooks@crossroadsfinance.com>
X-Mailer: iPad Mail (11D169)
MIME-Version: 1.0
TO: sales@serveroutsource.net
Subject: Automatic Intuit Invoice Notice
Content-Type: text/html;
    charset="utf-8"
Content-Transfer-Encoding: 7bit


<html>
<head>
<meta>
<meta>
<meta>
</head>
<body>
<div
style="font-size: 10pt; font-family:
Verdana,Arial,Helvetica,sans-serif;"><br>
<div style="margin: 0pt; padding: 0pt;">
<table style="table-layout: fixed;" align="center" bgcolor="#eceef1"
border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="center" bgcolor="#eceef1" width="100%">
<table border="0" cellpadding="0" cellspacing="0" width="600">
<tbody>
<tr>
<td
style="font-size: 10px; font-family: Arial,Helvetica,sans-serif; color:
rgb(107, 108, 114); display: none ! important;"
align="left">
<p style="overflow: hidden; max-height: 0px;">Stop waiting
weeks for checks to arrive.</p>
<br>
</td>
</tr>
</tbody>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="600">
<tbody>
<tr>
<td
style="border-bottom: 4px solid rgb(44, 160, 28); padding-top: 20px;
padding-bottom: 20px;"
align="center" width="600">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td style="" align="left"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=1132&amp;elqTrackId
=9a6457eb60074980b7ddb32a8942f4d0&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B9a757ee3
-39ea-430f-ad2f-cdcef0a679e0%7D_qb-logo-new_retina.png"
alt="Intuit QuickBooks"
style="border: 0pt none ; font-family: Arial,sans-serif; color: rgb(57, 58,
61); font-size: 19px; font-weight: bold;"
border="0" height="29" width="150"></a></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table bgcolor="#ffffff" border="0" cellpadding="0"
cellspacing="0" width="600">
<tbody>
<tr>
<td style="padding-top: 33px;" align="center" width="600">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 32px; line-height: 36px;
color: rgb(44, 160, 28);"
align="left">Dear customer, </td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 19px; line-height: 24px;
color: rgb(57, 58, 61); padding-top: 15px;"
align="left">&nbsp;This alert is being delivered to you by Intuit Inc. Make
sure you
click on the web link listed
below to see details. <br>
<br>
Intuit Invoice number:
INV1525690
has been covered and now
available for download. <br>
</td>
</tr>
<tr>
<td style="padding-top: 19px;" align="left">
<table style="" bgcolor="#2ca01c" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td
style="padding-left: 16px; padding-right: 16px; font-size: 15px;
line-height: 16px; color: rgb(255, 255, 255); font-family:
Arial,sans-serif;"
height="32"> <a
href="hxxp://slimscrubber[.]com?[removed]=[removed]"
style="color: rgb(255, 255, 255); text-decoration: none; font-weight:
bold;"
target="_blank">See details</a> </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="padding-top: 40px; vertical-align: bottom;"
align="left"> We value your business
with us and thank you for
utilizing Intuit. </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table bgcolor="#ffffff" border="0" cellpadding="0"
cellspacing="0" width="600">
<tbody>
<tr>
<td
style="border-top: 8px solid rgb(244, 245, 248); padding-top: 36px;"
align="center" width="600">
<table bgcolor="#ffffff" border="0" cellpadding="0"
cellspacing="0" width="600">
<tbody>
<tr>
<td align="center" width="600">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 19px; line-height: 24px;
color: rgb(57, 58, 61); font-weight: normal;"
align="left">Need help?. </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="padding-top: 36px; padding-bottom: 37px;"
align="center" width="600">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<th style="font-weight: normal;" align="center"
width="185">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="185">
<tbody>
<tr>
<td style="vertical-align: bottom;"
align="left" height="75"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7Bc869c362
-dedd-4d2d-bbeb-d830fddd90f1%7D_call_icon.png"
width="75"></td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 15px; line-height: 20px;
color: rgb(57, 58, 61); font-weight: normal; padding-top: 5px;"
align="left"><a
style="color: rgb(0, 117, 205); text-decoration: none; font-weight:
bold;">Call</a>
<a
style="color: rgb(57, 58, 61); text-decoration:
none;">800-237-3520</a></td>
</tr>
</tbody>
</table>
</th>
<th style="font-weight: normal;" align="center"
valign="top" width="185">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="185">
<tbody>
<tr>
<td style="vertical-align: bottom;"
align="left" height="75"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3216&amp;elqTrackId
=e6c1480f82394b77be5702bd4e36a52b&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B17f08427
-3b18-4bf3-b619-ebed567fe620%7D_tutorial_icon.png"
border="0" width="88"></a></td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 15px; line-height: 19px;
color: rgb(57, 58, 61); font-weight: normal; padding-top: 5px;"
align="left"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3216&amp;elqTrackId
=c5831f177f34420d90cff7e5428cc32d&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: bold;"
target="_blank">See tutorials</a><br>
</td>
</tr>
</tbody>
</table>
</th>
<th style="font-weight: normal;" align="center"
valign="top" width="185">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="185">
<tbody>
<tr>
<td style="vertical-align: bottom;"
align="left" height="75" valign="top"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3215&amp;elqTrackId
=cfe29c41fd6d4e9abc928c65739b3003&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7Bd01fe4cc
-bc27-454f-8d20-43158443f7c7%7D_accountant_icon.png"
border="0" width="77"></a></td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 15px; line-height: 19px;
color: rgb(57, 58, 61); font-weight: normal; padding-top: 5px;"
align="left"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3215&amp;elqTrackId
=0bb688c9bd7342fe8b04135e1a68b5e7&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: bold;"
target="_blank">Talk to</a> a Pro</td>
</tr>
</tbody>
</table>
</th>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0"
width="600">
<tbody>
<tr>
<td align="center">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td style="padding-top: 40px;" align="left"
valign="top" width="556">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<th min-height="32" align="left">
<table border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<td align="left" height="32" width="34"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=11&amp;elqTrackId=f
06a88df188e41f5b641a2ff9af06050&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B50b95194
-ae30-4116-871b-ce12a3408d48%7D_facebook.png"
alt="Facebook" border="0" width="22"></a></td>
<td align="left" height="32" width="34"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=14&amp;elqTrackId=c
d2e764724b1449aa84d48530cb181a5&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B0b882ec8
-e90c-4dd4-b8e7-501134841e7b%7D_twitter.png"
alt="Twitter" border="0" width="22"></a></td>
<td align="left" height="32" width="34"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=13&amp;elqTrackId=a
5b9834502084d78bb4e2bcec8873da6&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B7f49ff1f
-1c9a-4aac-b804-04bd70be0cc2%7D_youtube.png"
alt="Youtube" border="0" width="22"></a></td>
<td align="left" height="32" width="42"><a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3214&amp;elqTrackId
=bc60829af6d44c7f954302643067cd85&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B2876a379
-d8b6-4020-91ee-d6c2612f9212%7D_linkedin.png"
alt="LinkedIn" border="0" width="22"></a></td>
</tr>
</tbody>
</table>
</th>
<th
style="border-left: 1px solid rgb(151, 151, 151);" align="left">
<table border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<td
style="padding-left: 20px; vertical-align: top;" align="left"
height="32"> <a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3221&amp;elqTrackId
=a3fc2a4bf751418ab07953a102cfb1f8&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7Bac99409c
-8806-4a6e-ac75-b4af359b8580%7D_apple-badge.png"
alt="Download the QuickBooks App for iOS on the App store" border="0"
height="32" width="108"></a> </td>
<td
style="padding-left: 20px; vertical-align: top;" align="left"
height="32"> <a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=3220&amp;elqTrackId
=86052a515df24055a1f8bd9ff7be4b02&amp;elq=ef83a86aa1094399b6cbed465e7e5759&a
mp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 117, 205); text-decoration: none; font-weight: normal;
font-family: Arial,sans-serif; font-size: 15px;"
target="_blank"><img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7B32445dcd
-e63c-4eee-b6f6-d396e1c48f96%7D_google-play-badge.png"
alt="Get the QuickBooks App for Android on Google Play" border="0"
height="32" width="108"></a> </td>
</tr>
</tbody>
</table>
</th>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0"
width="600">
<tbody>
<tr>
<td align="center">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; color: rgb(107, 108,
114); padding-top: 10px; font-weight: normal;"
align="left"> <br>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0"
width="600">
<tbody>
<tr>
<td align="center">
<table align="center" border="0" cellpadding="0"
cellspacing="0" width="556">
<tbody>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; line-height: 16px;
color: rgb(107, 108, 114); padding-top: 36px; font-weight: normal;
text-decoration: none;"
align="left"> <a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=21&amp;elqTrackId=6
3d257e550dc4b6bb997e0c84c9eed2c&amp;email_address_=c2hpdCU0MHJlaG9tZXMubWU%3
D&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 119, 197); text-decoration: none;"
target="_blank"></a>
<br>
</td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; line-height: 16px;
color: rgb(107, 108, 114); font-weight: normal;"
align="left">Intuit and ProConnect are
registeredbrand
names of Intuit. </td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; line-height: 16px;
color: rgb(107, 108, 114); font-weight: normal;"
align="left">Terms and conditions,
pricing and service
options are subject to
change without notification. </td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; line-height: 16px;
color: rgb(107, 108, 114); font-weight: normal;"
align="left"> <a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=18&amp;elqTrackId=7
9a9f44ce5cd4ecab5ca20f8f7ca5cf9&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 119, 197); text-decoration: none;"
target="_blank">Additional privacy</a>. </td>
</tr>
<tr>
<td
style="font-family: Arial,sans-serif; font-size: 11px; line-height: 16px;
color: rgb(107, 108, 114); font-weight: normal;"
align="left">2002-2018
Intuit Services.&nbsp; All
rights reserved.<a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=19&amp;elqTrackId=d
68b66bfc9084e82b68ff552aafdf24f&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
style="color: rgb(0, 119, 197); text-decoration: none;"
target="_blank">.</a>
<br>
<font
style="color: rgb(107, 108, 114); text-decoration: none;"><span
style="color: rgb(107, 108, 114);">2800
W. Commerce Center Place, Tucson, AZ
85506</span></font> </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="600">
<tbody>
<tr>
<td style="padding: 37px 22px 40px;" align="right"> <a
href="http://app.eq.intuit.com/e/er?s=113755760&amp;lid=31&amp;elqTrackId=7
ff337c1e37544bbab6610b0850677ed&amp;elq=ef83a86aa1094399b6cbed465e7e5759&amp
;elqaid=4889&amp;elqat=1"
target="_blank"> <img
src="http://images.eq.intuit.com/EloquaImages/clients/IntuitSBG/%7Bd816ed19
-95c7-41a9-a578-367b41650b79%7D_truste.png"
alt="TrustE Verified"
style="border: 0pt none ; font-family: Arial,sans-serif; color: rgb(57, 58,
61);"
border="0" width="80"> </a> </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<div
style="white-space: nowrap; font-family: courier; font-style: normal;
font-variant: normal; font-weight: normal; font-size: 15px;
font-size-adjust: none; font-stretch: normal; line-height: 0pt;">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
</div>
<img
src="http://app.eq.intuit.com/e/FooterImages/FooterImage1?elq=ef83a86aa1094
399b6cbed465e7e5759&amp;siteid=113755760"
alt="" border="0" height="1" width="1"></div>
</div>
</body>
</html>