Tag archive: "Hacking"

Email with the subject "請預覽附件见内容" is spam.

Sender java_now@163.com
Subject 香港力基集团
Body
請預覽附件见内容
Attachment

Relays
IP Address 182.18.164.70
Host Name ns2.vtacexports.com
Country India
Network(ASN) CtrlS
IP Prefix 182.18.164.1 – 182.18.166.94

IP Address 39.1.42.168
Host Name 39.1.42.168
Country Taiwan
Network(ASN) SONET-NET
IP Prefix 39.1.0.0 – 39.1.255.255
Description Taipei Taiwan 115

Source
From - Wed Mar 09 14:34:19 2016
X-Account-Key: account2
X-UIDL: 00012e0f46de9b9e
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <noooo@vtacexports.com>
X-Original-To:@
Delivered-To:@
Received: from vestrics.com (ns2.vtacexports.com [182.18.164.70])
by mail. (Postfix) with ESMTP id 43F8F34C8D22
for <@>; Wed, 9 Mar 2016 12:+0900 (JST)
Received: from hlpsw (unknown [39.1.42.168])
by vestrics.com (Postfix) with ESMTP id 4A4EA68255C
for <@>; Wed, 9 Mar 2016 09 +0530 (IST)
From: =?GB2312?B?y7w=?= <java_now@163.com>
To: "" <@>
Subject: =?GB2312?B?z+O428Gmu/m8r83F?=
Date: Wed, 9 Mar 2016 11: +0800
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=yacefi473_5830_247416378.458443"
X-Priority: 3
Message-Id: <20160309034947.43F8F34C8D22@mail.>

This is a multi-part message in MIME format.

------=yacefi473_5830_247416378.458443
Content-Type: text/plain;
charset="GB2312"
Content-Transfer-Encoding: base64

1YjuQdNbuL28/rz7xNrI3Q==

------=yacefi473_5830_247416378.458443
Content-Type: image/jpeg;
name="=?GB2312?B?yb22q7uq0Mu8r83FLmpwZw==?="
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="=?GB2312?B?yb22q7uq0Mu8r83FLmpwZw==?="
(middle portion omitted)

Email with the subject "Private messages" is a crash email.

Sender
ecdl@abswyda.cz
Subject
Private messages
Reply-To
wongshiu_ki@163.com
To

Body

Dear Friend,
I am Mr. Wong Shiu Ki, an Account Officer with the International Bank of Taipei
and I have a very sensitive and confidential brief for you from international
bank of Taipei, Taiwan. I am requesting for your partnership in re-profiling
funds I will give the details, but in summary, the funds are coming via Bank of
Taipei Taiwan.
This is a legitimate transaction; you will be paid 30% for your Management
Fees”. If you are interested, please write back and provide me with your
confidential telephone and fax numbers, Country and I will provide further
details and instructions. Please keep this confidential, as we cant afford more
political problems. Finally, please note that this must be concluded within two
weeks. Please write back promptly to my private email: Please do not reply if
you are not interested.
Please if you are not interested delete from your mailbox.
I look forward to it.
Regards,
Mr Wong Shiu Ki.

The message carries a bmp file as an attachment; Microsoft Outlook-family mail clients either crash on it, or the file simply shows up as an attachment.


Email with the subject "Enjoy the deepest pleasure" is a hacking email.

Sender
stony17n@cipi.com.ua
Subject
Enjoy the deepest pleasure
To

Body
Perfect way to be healthier http://intercontinental.xn--90aldchf1aupigw5g.xn--p1ai/

As usual, it is relayed and ends up in Russia.
Relays

IP Address 56.191.223.92
Host Name 56.191.223.92
Country United States

cipi.com.ua
IP Address 213.227.192.135
Host Name cpanel-kv.vegatele.com
Country Ukraine
Network(ASN) TOTAL-ELEC
IP Prefix 61.123.211.136 – 61.123.211.143
Description Total Electric Management Service Co., Ltd.

IP Address 125.24.44.132
Host Name node-8sk.pool-125-24.dynamic.totbb.net
Country Thailand
Network(ASN) totnet
IP Prefix 125.24.44.0 – 125.24.44.255
Description TOT Public Company Limited

intercontinental.xn--90aldchf1aupigw5g.xn--p1ai
IP Address 95.31.22.193
Host Name 0891749489.static.corbina.ru
Country Russian Federation
Network(ASN) CORBINA-BROADBAND-STATIC
IP Prefix 95.31.0.0 – 95.31.31.255
Description RU-CORBINA-BROADBAND-POOL10

Source

From - Tue Feb 16 15: 2016
X-Account-Key: account17
X-UIDL: 0000016b46df8403
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <>
X-Original-To: @
Delivered-To: @
Received: from 125.24.44.132 (node-8sk.pool-125-24.dynamic.totbb.net [125.24.44.132])
by mail. (Postfix) with SMTP id BCB3934CA1A6
for <@>; Tue, 16 Feb 2016 15: +0900 (JST)
Received: from unknown (HELO localhost) (stony17n@cipi.com.ua@56.191.223.92)
by 125.24.44.132 with ESMTPA; Tue, 16 Feb 2016 13:03:41 +0700
X-Originating-IP: 56.191.223.92
From: stony17n@cipi.com.ua
To: @
Subject: Enjoy the deepest pleasure
Message-Id: <20160216060617.BCB3934CA1A6@mail.>
Date: Tue, 16 Feb 2016 15:06:16 +0900 (JST)

Perfect way to be healthier http://intercontinental.xn--90aldchf1aupigw5g.xn--p1ai/
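
The relay lists and encoded headers in the posts above can be read straight from the message source. The following is an added example, not part of the original posts: it decodes the RFC 2047 encoded-words of the first message and walks the Received chain of the third, marking which hop was recorded by the receiving server. The names `decode_words` and `relay_chain`, the combined sample and the choice of gb18030 as decoder are assumptions of this example.

```python
import re
from email import message_from_string
from email.header import decode_header

# Constructed sample: header lines copied from two messages on this page and
# combined; folding restored, redacted fields ("mail.", "<@>") left as posted.
SAMPLE = """\
Received: from 125.24.44.132 (node-8sk.pool-125-24.dynamic.totbb.net [125.24.44.132])
\tby mail. (Postfix) with SMTP id BCB3934CA1A6
\tfor <@>; Tue, 16 Feb 2016 15: +0900 (JST)
Received: from unknown (HELO localhost) (stony17n@cipi.com.ua@56.191.223.92)
\tby 125.24.44.132 with ESMTPA; Tue, 16 Feb 2016 13:03:41 +0700
From: =?GB2312?B?y7w=?= <java_now@163.com>
Subject: =?GB2312?B?z+O428Gmu/m8r83F?=

"""

IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def decode_words(value):
    """Decode RFC 2047 encoded-words into readable text."""
    out = []
    for part, charset in decode_header(value):
        if isinstance(part, bytes):
            # Mail labelled GB2312 can carry GBK characters, so decode with
            # gb18030, a superset of both (a choice made for this example).
            cs = "gb18030" if charset in ("gb2312", "gbk") else (charset or "ascii")
            part = part.decode(cs, errors="replace")
        out.append(part)
    return "".join(out)

def relay_chain(msg):
    """Return hops newest-first as (client_ip, by_host, written_by_our_mta)."""
    hops = []
    for i, raw in enumerate(msg.get_all("Received", [])):
        flat = " ".join(raw.split())               # undo header folding
        from_part, _, rest = flat.partition(" by ")
        ips = IPV4.findall(from_part)
        # Only the topmost Received line is written by the recipient's own
        # server; every line below it is supplied by the sending side.
        hops.append((ips[-1] if ips else None, rest.split(" ", 1)[0], i == 0))
    return hops

if __name__ == "__main__":
    msg = message_from_string(SAMPLE)
    print("Subject:", decode_words(msg["Subject"]))
    print("From:   ", decode_words(msg["From"]))
    for ip, by_host, ours in relay_chain(msg):
        print(f"{ip} -> {by_host} ({'recorded by receiving MTA' if ours else 'claimed by sender side'})")
```

The decoded Subject matches the subject listed in the first post, and only the 125.24.44.132 hop carries the receiving server's own record of the connecting address.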