wavellan

20210322_PHISHING_SCAM_1

Mar 22nd, 2021
Phishing with html attachment:
https://www.virustotal.com/gui/file/b933d91716a1b2ee4d23fea137f2920b8dd66a8fe5059ef64e94b493a2452bbf/detection

Dear YOUR_NAME_HERE

FYI

Attached Purchase Order

Best Regard

Cathy, ZOU SHAN

Account Receivable Service

Finance Center
,

Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by
    MBX05A-IAD3.mex08.mlsrvr.com (172.29.17.23) with Microsoft SMTP Server (TLS)
    id 15.0.1497.2 via Mailbox Transport; Mon, 22 Mar 2021 20:13:59 -0400
Received: from MBX10C-ORD1.mex08.mlsrvr.com (172.29.9.35) by
    MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS)
    id 15.0.1497.2; Mon, 22 Mar 2021 19:13:58 -0500
Received: from gate.forward.smtp.iad3b.emailsrvr.com (146.20.86.8) by
    MBX10C-ORD1.mex08.mlsrvr.com (172.29.9.35) with Microsoft SMTP Server (TLS)
    id 15.0.1497.2 via Frontend Transport; Mon, 22 Mar 2021 19:13:58 -0500
Return-Path: <010f01785c6e5438-7abf3242-1a88-4711-a04f-7c05a3ef3dda-000000@us-east-2.amazonses.com>
X-Spam-Threshold: 95
X-Spam-Score: 100
Precedence: junk
X-Spam-Flag: YES
X-Virus-Scanned: OK
X-Orig-To:
X-Originating-Ip: [23.251.226.1]
Authentication-Results: smtp36.gate.iad3b.rsapps.net; iprev=pass policy.iprev="23.251.226.1"; spf=pass smtp.mailfrom="010f01785c6e5438-7abf3242-1a88-4711-a04f-7c05a3ef3dda-000000@us-east-2.amazonses.com" smtp.helo="e226-1.smtp-out.us-east-2.amazonses.com"; dkim=pass header.d=cowtomo.com; dkim=pass header.d=amazonses.com; dmarc=none (p=nil; dis=none) header.from=cowtomo.com
X-Suspicious-Flag: NO
X-Classification-ID: a3908b9c-8b6c-11eb-b870-5254003a7283-2-1
Received: from [23.251.226.1] ([23.251.226.1:40559] helo=e226-1.smtp-out.us-east-2.amazonses.com)
    by smtp36.gate.iad3b.rsapps.net (envelope-from <010f01785c6e5438-7abf3242-1a88-4711-a04f-7c05a3ef3dda-000000@us-east-2.amazonses.com>)
    (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=AES128-SHA256)
    id 4F/B1-07797-6C239506; Mon, 22 Mar 2021 20:13:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    s=5zuyt3datpyvotobttesifzmx67arxgf; d=cowtomo.com; t=1616458438;
    h=From:Subject:To:Content-Type:MIME-Version:Date:Message-Id;
    bh=cm1D4njcxnYkjd1rO+1W4lol9bgpQZYE0F9H3PBY9JQ=;
    b=MSfo4/gov7NN9V3Yb6CDo/37/T538AXgOkKhb1lRwOIBba7cy1q1LmaUuegkd5B/
    hZbrGjWpzHDmW0hjPLyqnzCsAs0SXz5NvfGKhY049OwRGC2Mf53/Dm5QCqmx8RG1jv6
    ocEnB800cnW5uqImCX+XSRl09MffLPy8PSuIDx04=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    s=kra23psoka5qyyh6gdejiiuof3nluwuz; d=amazonses.com; t=1616458438;
    h=From:Subject:To:Content-Type:MIME-Version:Date:Message-Id:Feedback-ID;
    bh=cm1D4njcxnYkjd1rO+1W4lol9bgpQZYE0F9H3PBY9JQ=;
    b=Jb+XnZtsZRTlbb5nyx9Z5Z4FU9wKC4NAo4H33UAcUSCMKoIkqNA19Gif/1EU2Tsm
    UbjRcWR/r4PXvxZ+uH8qYMAIPKrw8oowCQSmOUlccTPW05+E+esnr/EtbKg7VKA5W64
    sucjxpIwZI4WRmj4pcHSbir02yLFvKeCwKJcN44M=
From: "SHAN, Cathy" <[email protected]>
Subject: Document Received Tuesday, March 23, 2021
To:
MIME-Version: 1.0
Date: Tue, 23 Mar 2021 00:13:57 +0000
Message-ID: <010f01785c6e5438-7abf3242-1a88-4711-a04f-7c05a3ef3dda-000000@us-east-2.amazonses.com>
X-SES-Outgoing: 2021.03.23-23.251.226.1
Feedback-ID: 1.us-east-2.9NyXB8MI88c5QChksqeGY5eTMWzewX8WIBllM4XLlzY=:AmazonSES
X-MS-Exchange-Organization-Network-Message-Id: 358aa3c0-a465-45f2-4b63-08d8ed908e04
X-MS-Exchange-Organization-SCL: 5
X-MS-Exchange-Organization-AuthSource: MBX10C-ORD1.mex08.mlsrvr.com
X-MS-Exchange-Organization-AuthAs: Anonymous
Content-type: multipart/mixed;
    boundary="B_3699280153_2117323504"

> This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--B_3699280153_2117323504
Content-type: multipart/alternative;
    boundary="B_3699280153_11104553"


--B_3699280153_11104553
Content-type: text/plain;
    charset="UTF-8"
Content-transfer-encoding: 7bit