malware_traffic

2020-11-16 - Fake FedEx email

Nov 16th, 2020
1,125
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Return-Path: <sales@netmailgoesbulk.top>
  2. Received: from netmailgoesbulk.top (netmailgoesbulk.top [106.75.147.47])
  3. [removed] by [removed] (Postfix) with ESMTPS id 4CZWtP6Tb6z5vQ5
  4. for [removed]; Mon, 16 Nov 2020 14:39:20 +0000 (UTC)
  5. DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=netmailgoesbulk.top;
  6. h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; i=sales@netmailgoesbulk.top;
  7. bh=g3vpE1IwCVwix+bkV0i6bdnkMVk=;
  8. b=VY9qbg1GPw4xZlDs+1EAGyP4wi74vtW2uxTz1XVakcgczvOIV28H0wkMSA1i5BJXzXOA4Ewm/wYb
  9. xMiD3rPhaf8EPSanXH6OKl6hXviHKvM8ds7G+j8tZbut6e122bmxyyJTmf/Oipg7JjrHByrga/t5
  10. jn7zbBTzmIFfCuvxG04=
  11. DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=netmailgoesbulk.top;
  12. b=Cah88JKDDcEs4SGx4BI4S5nhwG0feELPtrBdux1E8n7h64UH30iYetkF7q1E/M222/LIM8aWX8AC
  13. ZqnMW1IQussw/6k0SLZxrsD520MRlgAUHDWNz3s3MZS8pACPCZtHJ2HWgOIUo+7OBIQEnTEjXO6e
  14. UFLEVrS8QkVKC/83zWM=;
  15. From: Feedex Express<sales@netmailgoesbulk.top>
  16. To: [removed]
  17. Subject: FEDEX ARRIVAL NOTIFICATION
  18. Date: 16 Nov 2020 14:39:06 +0000
  19. Message-ID: <20201116143905.0959CC03D7012083@netmailgoesbulk.top>
  20. MIME-Version: 1.0
  21. Disposition-Notification-To: bashiri@ahp-makinas.com
  22. Content-Type: multipart/mixed;
  23. boundary="----=_NextPart_000_0012_FEE089E8.A8FAB2BE"
  24.  
  25. This is a multi-part message in MIME format.
  26.  
  27. ------=_NextPart_000_0012_FEE089E8.A8FAB2BE
  28. Content-Type: multipart/related;
  29. boundary="----=_NextPart_001_0013_FEE089E8.A8FAB2BE"
  30.  
  31.  
  32. ------=_NextPart_001_0013_FEE089E8.A8FAB2BE
  33. Content-Type: text/html
  34. Content-Transfer-Encoding: quoted-printable
  35.  
  36. <p></p>
  37. <p>&nbsp;</p>
  38. <p><img src=3D"cid:fede.png" alt=3D"" align=3D"top" border=3D"0" hspace=3D"=
  39. 0" width=3D"334" height=3D"151" /></p>
  40. <p>&nbsp;</p>
  41. <div class=3D"v1yiv5016630277ydp160b176eyiv0672883852WordSection1" style=3D=
  42. "box-sizing: border-box; font-size: 13px; font-family: 'helvetica neue', he=
  43. lvetica, arial, sans-serif; white-space: normal; word-spacing: 0px; text-tr=
  44. ansform: none; font-weight: 400; color: #1d2228; font-style: normal; text-a=
  45. lign: left; orphans: 2; widows: 2; letter-spacing: normal; background-color=
  46. : #ffffff; text-indent: 0px; font-variant-ligatures: normal; font-variant-c=
  47. aps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: initial=
  48. ; text-decoration-color: initial;">
  49. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  50. sizing: border-box; margin-top: 0px;">16/11/2020<br style=3D"box-sizing: bo=
  51. rder-box;" /><br style=3D"box-sizing: border-box;" />This is your Fedex arr=
  52. ival notification schedule to delive today</p>
  53. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  54. sizing: border-box; margin-top: 0px;">Kindly download the attached AWB deta=
  55. il</p>
  56. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  57. sizing: border-box; margin-top: 0px;">Thanks and regards</p>
  58. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  59. sizing: border-box; margin-top: 0px;">Richard Jone</p>
  60. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  61. sizing: border-box; margin-top: 0px;">Customer Service Trace Advisor&nbsp;&=
  62. nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
  63. p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p>
  64. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  65. sizing: border-box; margin-top: 0px;">CS General Line1: 790 1102527</p>
  66. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  67. sizing: border-box; margin-top: 0px;">CS General Line2: 790 1909598</p>
  68. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  69. sizing: border-box; margin-top: 0px;">For Shipment Pickup Requests just ema=
  70. il us at</p>
  71. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  72. sizing: border-box; margin-top: 0px;"><span id=3D"OBJ_PREFIX_DWT116_ZmEmail=
  73. ObjectHandler" class=3D"Object" style=3D"cursor: pointer; text-decoration: =
  74. none; color: #005a95;" role=3D"link"><a style=3D"cursor: pointer; text-deco=
  75. ration: none; color: #005a95;" href=3D"mailto:PickupRequest.us@dhl.com" tar=
  76. get=3D"_blank" rel=3D"noopener">PickupRequest.us@fedex.com</a></span></p>
  77. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  78. sizing: border-box; margin-top: 0px;"><span id=3D"OBJ_PREFIX_DWT117_com_zim=
  79. bra_url" class=3D"Object" style=3D"cursor: pointer; text-decoration: none; =
  80. color: #005a95;" role=3D"link"><a style=3D"cursor: pointer; text-decoration=
  81. : none; color: #005a95;" href=3D"http://www.us.dhl.com/" target=3D"_blank" =
  82. rel=3D"noopener">http://www.fedex.com</a></span></p>
  83. <p class=3D"v1yiv5016630277ydp160b176eyiv0672883852MsoNormal" style=3D"box-=
  84. sizing: border-box; margin-top: 0px;">&nbsp;</p>
  85. </div>
  86. <p>&nbsp;</p>
  87. <p style=3D"box-sizing: border-box; font-size: 13px; font-family: 'helvetic=
  88. a neue', helvetica, arial, sans-serif; white-space: normal; word-spacing: 0=
  89. px; text-transform: none; font-weight: 400; color: #1d2228; font-style: nor=
  90. mal; text-align: left; orphans: 2; widows: 2; margin-top: 0px; letter-spaci=
  91. ng: normal; background-color: #ffffff; text-indent: 0px; font-variant-ligat=
  92. ures: normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; te=
  93. xt-decoration-style: initial; text-decoration-color: initial;"><span lang=
  94. =3D"EN-SG" style=3D"box-sizing: border-box; font-size: 10pt; font-family: '=
  95. helvetica neue', helvetica, arial, sans-serif; background: white; white-spa=
  96. ce: normal; word-spacing: 0px; text-transform: none; font-weight: 400; colo=
  97. r: #666666; font-style: normal; text-align: left; orphans: 2; widows: 2; le=
  98. tter-spacing: normal; text-indent: 0px; text-decoration-style: initial; tex=
  99. t-decoration-color: initial;">CONFIDENTIALITY NOTICE:</span> &nbsp;<span st=
  100. yle=3D"box-sizing: border-box;">&nbsp;</span> <span style=3D"box-sizing: bo=
  101. rder-box; font-size: 10pt; font-family: 'helvetica neue', helvetica, arial,=
  102. sans-serif; white-space: normal; word-spacing: 0px; text-transform: none; =
  103. font-weight: 400; color: #7f7f7f; font-style: normal; text-align: left; orp=
  104. hans: 2; widows: 2; letter-spacing: normal; background-color: #ffffff; text=
  105. -indent: 0px; text-decoration-style: initial; text-decoration-color: initia=
  106. l;"> &nbsp;This message is from DHL and may contain confidential business i=
  107. nformation. It is intended solely for the use of the individual to whom it =
  108. is addressed. If you are not the intended recipient please contact the send=
  109. er and delete this message and any attachment from your system. Unauthorize=
  110. d publication, use, dissemination, forwarding, printing or copying of this =
  111. E-Mail and its attachments is strictly prohibited.</span></p>
  112. <p><br /><br /></p>
  113. ------=_NextPart_001_0013_FEE089E8.A8FAB2BE
  114. Content-Type: image/png; name="fede.png"
  115. Content-Transfer-Encoding: base64
  116. Content-ID: <fede.png>
  117.  
  118. iVBORw0KGgoAAAANSUhEUgAAAU4AAACXCAMAAABNy0IIAAAAz1BMVEX///8qAHz/WQD/UAAA
  119. AHEkAHr/sJQQAILtVy//t53/VAAZAHb/h1rl4O6flL9YRZP/SgBFLYn/n33/+/r/xrL/eEGn
  120. ncRXQZT59/zg3OosAIBpWJ1lU5tQOo+0r8r8+v13aKa/uNS0rMyEd63r6PKXjLnNx91KM4wA
  121. AGuupcg/JIfQyt//4tfX0uT/zLp+cKn/cTf/f07/PAD/kGj/aCb/6+OQhLX/8+5xYaEyEIH/
  122. rI//lnE3F4NDKImLfrI2G4H/YRb/1cb/vqjsTiH1r5x+V3LnAAAOnElEQVR4nO2de3vauBKH
  123. IZG6p6jg0G7BCRCwMbewlO62TaEl0O053/8zHclX2Z6Rb6INrX9/5MljbGG/6DIzGsmNZjnR
  124. xg8Uge7gj/9cFVbr1blvtcapVTVOrapxalWNU6tqnFpV49SqGqdW1Ti1qsapVTVOrapxalWN
  125. U6tqnFpV49SqGqdW1Ti1qsapVTVOrapxahUKjBGlzn1fsorgvL5R6e9z3ypGk9w2xiqd+75k
  126. FcB5/WfjjUrnvlUUZ/vc35xfxXD+VNU4tarGqVU1Tq2qcWpVjVOrapxaVePUKt04TUfI1Grm
  127. /5Y4b+8fh6cmE84pY/RkPNq3ha43573jsHs6nZ6MbWfuSJ/8djjN+x0VEGl4PaUcLBvYZr4C
  128. bmcL91fwxa/tzsI7+M1wrgeEUbAUyshwnl2A/ZQugF9qbLyPi+B8Vw6DLmE42WMPV6wVWw8E
  129. ZuljIV1LfQurO+zHIDu3chfA2fr6UqXvis9eoPGRNy9yX4RiYLjIfXT9/KSE6VFZbHCY6wMC
  130. 07uJeTGcV61rhW5evfsH//A9dovvb7Br/kn2LRko4IcMq5u5y4TpAT1itzrNKIB09IaPX96g
  131. n14j0dBX19gVNy+T51bCOacs7yUPTvKbhZxuZgFkpjca/1rB8wN0j/gFN69TJxfiGLDxcXZy
  132. VU1PlABD0kbRzkORGYi89OTGB7SyQXwU1Rmin5uHJB/nFqw1OJbUiLTO93PAFbj8XNFbBc8X
  133. yXt8h9N8C1TlQkSC53PB7PI29EBJnptiP0dCFabePrZwnomx5S+UZusjQLM8zm1RmpznWv7m
  134. dp6WjqsCzs9XCp7/yvf4GT2xdfVZJ85OiapFmTQejfeVaFaaGP6EN/erm7+ie3zzDcV5/Qmi
  135. WRbnvFRDpU/RFw+K1+6YKs2z422Y84xAvUdpytCr4zQpUrWoNz2PtWP2GHyvXanjbFZNW8BH
  136. GKkZKwxOzJct8yRsjgxDlPR767bT3qx2DD6D+P6pWZVm1SwQhTnf+uZ5jgqDM2W+V8FJEZpk
  137. EDnzZg+soXThfTyp2NSrJ9V8UfB8rwZ+8wWjWS5HCWzKNGEIOSMImXeSwkZyuwum6DB8Vc5R
  138. Upjzwt1UGJyg81QBJyiWihZDow19EJ8YKCq2n21EGMnczPbKGlw95etvBc8P+GCFufZ6ccaN
  139. Sk8PADVRPW+xyknZSrp8paqgGjLo8IH7qoUbnKD5rhsnmwGFQ9iogbsAbBEP3jvQ7+FLA843
  140. CnMeLeIbaL5rxkn3YOlbqHq2TYQm7SevN3GeOvI7PxXHiZjvmnHGGmkkqHqyjoWYWfv0/KeD
  141. 9p9a0mVV5jwozHzPxEkxwTiRKbZu+nQ6GsBlEGjmEzX3MZwtha5T2cf/FuMZ9+gL4KSjPizj
  142. AJ09QIp/hAZ35BeZgiU8Ic0dwfnxrUpfU8V/L8Lz5nsGTXwmE4yeCwEVrtnc38HaY+UDOOFv
  143. RHoGbTOZCnM+RRM33zNxYhPDeG9WTXSCfGExnMXn2b8qwkvxstN1uzrOcrGkbEGTH64mcGvX
  144. l7aARzriRedZp1AYp32m2smwO0S+UGMWiMKcj9RC540r4TyeByc6mDXacHPQiFMRJY5ofsu1
  145. 6qMwTqTtVRXrYHdonruxq+YwIpxKZ6g8zuGZcOKZN7BnpDXl61PW8J5lvgcqjHNxHpxQBMXX
  146. 6Pw4s8z5TPM9UGGciqhEJZx4xh7cHjQnJP6p4pm/1MKPdzgTTtRtaMA+qe78zg+KaF2uQd1V
  147. YZyY01cVJ56q/ENqp2IujpcKJNvAKowTD6RXw/m8+85Usg2iwjhhQwmNP+UOSdnoLf6IkT3L
  148. MUom22AqjBM244386oN0GJoBigSbtdqd2WH5nGN7YZwr6OkKbb4Aejm0i52OzHrq9IoUOWBR
  149. ybksz8I4wRAI6nBDgpOT0KG9d/baqchQlJTLLyqM04FwKsbltHZwa8e8THgk+vERpVxee2Gc
  150. oOGJTBXBgqsbbcJngz8fjrP4QhhFdneCZw7zszjOKTRfMSpw/0hniFRPbBIZWQjz6rVKQG7R
  151. i/zR+BwRz+I4wdkGoljqkhJiuYK9J5rhUG4hTKp8pXOZ4qlIpymLcwwO7UWqJxLjAwd3cGZK
  152. gVOp9D5KRWcys9yj4jhhGnBTPQ4ATbD5ETZMFYAn4P+keXY0FbE0zjVII70wg9uoBHCKSKdx
  153. h2XTjhLT9YrlDDpwfi5eBJooWxon0gBJyk2EayEbNzoYJRrzNdeqHLqflKOU4R6VwWnBjZUc
  154. 40kxcAKHyA1T5B6zg7+Atr0aKZcdacD5Fk+TU3C+UWUplcGJjQ/sbhU11tsBzIyKUxTzdyJd
  155. 9tA9sLOny6pS318oOlVkCUwFnHDvKVCwYceaz63e9IBULdYTBWTkPmBhJ6048XQFkZ+gWoug
  156. cI9K4VQMEdRfpI2t7Dh5BaC9Z25VxYmb7561rlqLgLtH5XCacHp8tkLn/lQ1Cl0RJ57qFcBS
  157. LS1G9wFFn1u9eQXW3DNEwhzlagsym1Vx4uZ76ypoyqq1CFi6EvrgGXuB9MrgYEZUQJlViLLO
  158. teqtFQ3cirUIWDIddreZW6tAkZAM0b1spVdcRXimNZmx/ATV0mI41bM0zuILsGkigzPvjH2R
  159. eGcunIqcpLjTo0pegs358jgbk2LNlbJEkWa+KXsGR0zOsp49WedUaxHAPJsKOBuPRXjSZqrE
  160. XDzpYqx5Z268S0z3iKoYSQtwj6rg5N5mbnMnuWTI47nI7DAo96L04sQHbCicqYjgQe5RJZwN
  161. Z5SvgqI7/2R1GJS2G3prJ54LDwfbFWsRWh9T7lE1nGLiJ8eIxO7QHA9bvUVYk49eWnEqzHdk
  162. daBiLUJ6dxVsJ69l3j3ozCPJcMCZ56cjcoY4UGKIHmK8hG7wj/+qpjFK7PJ1hXniX9FNvtKz
  163. JR1EMzyjLQXkkeLRH0qavYxdEucLGGj4M8zAO/zfi+L6jn/0BY+7KQr8kjONtpDG1pAAUQ8R
  164. a5vk2CCxMR+mwnH82mn+X/SXk2kdF4x4wSQ3qkRI05jN8+4y6/QMFmwA6m7f+dTJufPnryvz
  165. 1lrNptvtdnrs3M+dghv2muve1DjwfmNvTO3fuGLWqlWrVq1atWrVqlWrVj6Zaf3sW7pkNVPv
  166. 7oS3xqqVS12aePMCOf3sW7pkdSnr3NuyMt7tUUulLn1Ob/y6eHGcxd4vVUulGqdW1Ti1qsap
  167. VTVOrSqH01xzgwq8zpnb4Yv+zI1lW8l1kebasu11fBbLWd+v7te/gjsG47ToYR97YvvucMcf
  168. d3N31+N/DfG+Q0bYUTrn4bDgn/T5J0uvwPXQd7PkqWlr4R98iszb3sk/1s8z/f28hdTOLQu2
  169. +nfVJt6LpzaEdRodwknuuTNFGYveV3eie7E+j1N2cY53/Kz9cDcSnlaIaShOODyd+LXE3y7P
  170. 7Ipjp6eDOIbuvXEpwho795akZ3ugXj7+LcfZI2QoGqY575Mm6UUXHOaENWfWXMxHjxeMjdx2
  171. bs74T+G3+B3/BVairpo9Fuxb0mW0aYl27sx4cUVW9D9HYTgdIq0P3TJ/3SyvpX0WPXOPRFsN
  172. Leh+T8KdgoeMbYP/54RSN1tgQ5o0aPi3xFsqbhH6EHSaVnDi5Yrj3Ixj8j+wSLjxr0hA9Q63
  173. ORB5b/sOowf/3wVtskkjvJhK6yF6zFsJPWPSiuhH5m4usaPSNoQDqtgI6iLUpYkQ3TIYiqfM
  174. fzGSw8LWKnAe5MtHNFiTK3CGVWsfjwTcUXcTHo4uGmzWy+W0kYgZ2MulKk3wApQK0IU4OSBv
  175. m2/+xEHz5jjjeZG8IXfDs4/S0di+rDPm1rqBXBPHm43g+CB3NuZmc+F5QG6ATlaU2OR3n7xV
  176. 7oJDHGciAEWD3TJGUtXjfW0szOcaBKKk9O63HPFj8tgFSxWgs8RwwWtaFFAWtTN+Ttj38WYf
  177. /hAHGt+RhHcXYijjQxHbJsYam7ivmP1VpPSKjoyOYt0gH9kT25X0gnRcXjtDb4jFO1heh70u
  178. YcLNo+Ys/n0jfuzUu/A2HkrtZC4oje2nwXHu4mfcM/89CiNKzfCs5mE7kdWkd26t3HJTiFv3
  179. UytyKMeGe+zhMXcW63OWGqfD4pt9c5yT+BkW8wFLONd8/I+bC9xX8j5ciwxpTo/tIl/eGnnH
  180. 6PTygzFqnGI3K/n9Xvlw8u52Yd3HZQd1z+n1Rc45dzKlPSU6XXGMkW3jwqXEaRO6p/Ibe9KN
  181. 3QYa+4ak35kky7TEKxZZbKmuY4u1J0x53QVIhVO8cNfsUxY19zZJ7nolDUUhTofIb0YF5UxJ
  182. 6uU17QG7eKddhfMgfD6H0ijOIezO+DmDwNyUcJoUffNSpA7vlpODz4Rm/g7PXAqcE+Za2HMS
  183. 7Y0ncMZP5xXKIyfh5AZB4lUqjiOiTI4jQR672+WZjryWgjsO7LLHdxynHTRs7swE3acw42Nv
  184. 9+Mjkd/dyTg7jMYGFXO5nIReeqCFsPVXy6W0hdaYD/C/KM5bEm5EYNBgXzv3RSjyAz+Er0mV
  185. cTokvlFjx/XZeZcqb4+3F3b/msg+pknoXflHeQ5CcR7CWBHvC4Pu0w3QSVWMu03B0CTj5P2E
  186. HKBz/NhUzPdcExHv5wClDVxXDH191YUI89knUuBD2OVe9ymcTBptlHOUutIYTu5mRvaA+eQH
  187. +HoSZJOzFTMjWynO3GbFdjB9hupSagzjEhVxRXy30NOMVyIBi+OcWoQtbGc8bq9OTHojcgxn
  188. Y8N5HlxX0rTd7Ry9L2Os6/qSpt30OxCT/2O4DJ3eLzBZ9MQoS2QkHt2OM15PDOZuN+R6Rbbw
  189. Gd23QTMaDeALFjOO2gcxo7YwutyhDI1Jsy9m7UZGV5TgV37nwI81DeNBHLv4WN0gvcE/r0pD
  190. 968ks2+M7MDJdKZeBL8rR5J3Rj9ua94bLnRyeJQnhv2DzUn0a61Gfp7u9HfL5Qt99vZ8np1m
  191. YG74WcnQmziYXLgLnvgbKB0CqVVBNU6tqnFqVY1Tq2qcWlXj1Kr2ku2yz6qVU852+gPC5f8H
  192. ibaBUM1JZisAAAAASUVORK5CYII=
  193.  
  194. ------=_NextPart_001_0013_FEE089E8.A8FAB2BE--
  195.  
  196. ------=_NextPart_000_0012_FEE089E8.A8FAB2BE--
  197.  
RAW Paste Data