elhacker.net Forum

Computer Security => Malware Analysis and Design => Topic started by: r32 on 11 May 2015, 01:49 am



Title: Cool Cat Casino
Posted by: r32 on 11 May 2015, 01:49 am
Source mail:

Code:
x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J
Authentication-Results: hotmail.com; spf=softfail (sender IP is 5.208.156.149; identity alignment result is pass and alignment mode is relaxed) smtp.mailfrom=etgfln@icloud.com; dkim=none (identity alignment result is pass and alignment mode is relaxed) header.d=icloud.com; x-hmca=fail header.id=etgfln@icloud.com
X-SID-PRA: etgfln@icloud.com
X-AUTH-Result: FAIL
X-SID-Result: FAIL
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02
X-Message-Info: isY2VobhFN9+PbbdQNbelA4VPcMc8X5j6ZduBEJ3NDcymurPntd93lyW4ri5A696fd409PCJT656gZdcqFx6mW8pshkRw+VEn+d2vbdytgMk/S2+TncgizEtAxrmsb0bxVEmi2pFVx0bDnRuGIKNf3UEUUJrd3rgEL8yEKgNfyhUFwYdqgFd77xvd1Ef2uxRBlrCYa3JXtiiRp6NpjfKRWzOMdwrUJOR
Received: from icloud.com ([5.208.156.149]) by COL004-MC5F5.hotmail.com with Microsoft SMTPSVC(7.5.7601.23008);
Sun, 10 May 2015 10:25:30 -0700
Message-ID: <006101d08b46$4ddf8450$8d84676f@SVZQM>
From: "Vegas Casino" <etgfln@icloud.com>
To: <trojan_mom@hotmail.com>
Subject: Free 100$ on Us
Date: Sun, 10 May 2015 19:25:26 -0-100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_005E_01D08B57.11685450"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Return-Path: etgfln@icloud.com
X-OriginalArrivalTime: 10 May 2015 17:25:31.0620 (UTC) FILETIME=[50F8D240:01D08B46]

This is a multi-part message in MIME format.

------=_NextPart_000_005E_01D08B57.11685450
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Dear Customer,

With the Cool Cat Casino Instant-Win Scratch Ticket Game you can get $100 =
on the house right now.

Click below to claim. Just by visiting our site, you will automatically =
receive a 100 dollar chip that you can use to play over 100 of the best =
games online. From all your favorites, like Blackjack and Roulette, to new =
original games, including our new scratch card games, Cool Cat Casino =
wants to make playing and winning as easy as scratching a virtual ticket.

hxtp://t.cn/RAeG2Ku


Sincerely,

Cool Cat Casino Staff


-----------------------------
If you would like to not be contacted from us in the future please press =
on the link below:
hxtp://t.cn/RAeGoYr
------=_NextPart_000_005E_01D08B57.11685450--


__________________


URL: hxtp://t.cn/RAeG2Ku

UQ: http://urlquery.net/report.php?id=1431286944590
VT: https://www.virustotal.com/es/url/d871cbfb07a343af009c12ec8c1b6d759746b482baba82bf84990da428df06ad/analysis/1431286951/
PB: http://pastebin.com/FG4PkQtd


IP   180.149.135.224
ASN   AS23724 IDC, China Telecommunications Corporation
Location   [China] China


Setup.exe:

VT: https://www.virustotal.com/es/file/7e3575349318701e5049963a546257a1babee6e45d9bde40630aaedc83b2d4fd/analysis/1431287817/ --> 8/57
PB: http://pastebin.com/qETmtSj7 (Strings)


[Screenshot] http://i.elhacker.net/i?i=sM_ho-2R8aC4_dI6WBwfPGVo

Strings:

[Screenshot] http://i.elhacker.net/i?i=v6RNaBwg822NLhxwap5182Vo

@ehn_labs
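Added example, not part of r32's post: a small Python triage of the headers shown above. It re-types the relevant header lines and the two body links from the post into a constructed sample (the folded `Received:` continuation is indented as a proper header fold), parses `Authentication-Results` into method/result pairs, pulls the connecting IP out of `Received:`, collects the defanged `hxtp://` links from the body, and lists the reasons a defender would flag this message (SPF softfail, no DKIM, receiver-side FAIL, shortener links). The `SHORTENERS` set is an assumption for the example; everything else comes from the headers on the page.

```python
"""Header triage for the malspam sample above (added example, not the poster's code).
SAMPLE is constructed from the header lines and body links visible in the post."""
import re
from email import message_from_string

SAMPLE = """\
Authentication-Results: hotmail.com; spf=softfail (sender IP is 5.208.156.149; identity alignment result is pass and alignment mode is relaxed) smtp.mailfrom=etgfln@icloud.com; dkim=none (identity alignment result is pass and alignment mode is relaxed) header.d=icloud.com; x-hmca=fail header.id=etgfln@icloud.com
X-AUTH-Result: FAIL
Received: from icloud.com ([5.208.156.149]) by COL004-MC5F5.hotmail.com with Microsoft SMTPSVC(7.5.7601.23008);
 Sun, 10 May 2015 10:25:30 -0700
From: "Vegas Casino" <etgfln@icloud.com>
Subject: Free 100$ on Us
X-Mailer: Microsoft Outlook Express 6.00.2800.1158

Click below to claim.

hxtp://t.cn/RAeG2Ku

If you would like to not be contacted from us in the future please press on the link below:
hxtp://t.cn/RAeGoYr
"""

# Assumption for the example: shortener hosts a triage rule treats as opaque redirectors.
SHORTENERS = {"t.cn"}

# Matches live and defanged (hxtp/hxxp) URLs alike.
URL_RE = re.compile(r"h[tx]{2}ps?://\S+")
HOST_RE = re.compile(r"://([^/\s]+)")
BRACKET_IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def strip_comments(value):
    """Drop RFC 5322 parenthesised comments, e.g. '(sender IP is ...)'."""
    return re.sub(r"\([^()]*\)", "", value)


def parse_auth_results(value):
    """Return {method: result} from an Authentication-Results header value.
    The first ';'-separated element is the authserv-id and is skipped."""
    results = {}
    for part in strip_comments(value).split(";")[1:]:
        tokens = part.split()
        if not tokens:
            continue
        method, _, result = tokens[0].partition("=")
        results[method.strip().lower()] = result.strip().lower()
    return results


def extract_urls(body):
    return URL_RE.findall(body)


def triage(raw_message):
    """Parse one raw message and return the facts a responder would record."""
    msg = message_from_string(raw_message)
    auth = parse_auth_results(msg.get("Authentication-Results", ""))
    ip_match = BRACKET_IP_RE.search(msg.get("Received", ""))
    urls = extract_urls(msg.get_payload())
    hosts = {m.group(1) for u in urls for m in [HOST_RE.search(u)] if m}

    findings = []
    if auth.get("spf") in {"fail", "softfail"}:
        findings.append(f"SPF {auth['spf']} for {msg.get('From')}")
    if auth.get("dkim", "none") == "none":
        findings.append("no DKIM signature for the claimed sender domain")
    if msg.get("X-AUTH-Result", "").upper() == "FAIL":
        findings.append("receiving MTA marked authentication FAIL")
    if hosts & SHORTENERS:
        findings.append(f"links go through URL shortener(s): {sorted(hosts & SHORTENERS)}")

    return {
        "sender_ip": ip_match.group(1) if ip_match else None,
        "auth": auth,
        "urls": urls,
        "findings": findings,
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    print("connecting IP:", report["sender_ip"])
    print("auth results :", report["auth"])
    print("links        :", report["urls"])
    for f in report["findings"]:
        print(" -", f)
```

On the sample this reports the connecting IP 5.208.156.149, the three authentication results (spf=softfail, dkim=none, x-hmca=fail), the two t.cn links, and four findings; the same function can be run unchanged over any other raw message pulled from a mailbox for triage.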