Date: Thu, 6 Dec 2012 17:32:38 +0200
From: "Amazon . com" [firstname.lastname@example.org]
Subject: Your Amazon.com order receipt.
Click here if the e-mail below is not displayed correctly.
Your Amazon.com Today's Deals See All Departments
Dear Amazon.com Member,
Thanks for your order, [redacted]!
Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.
E-mail Address: [redacted]
1113 4th Street
Fort North NC 71557-2319,,FL 67151}
Order Grand Total: $ 50.99
Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More
Order #: C47-8578330-3362713
Subtotal of items: $ 50.99
Total before tax: $ 50.99
Tax Collected: $0.00
Grand Total: $ 50.00
Gift Certificates: $ 0.99
Total for this Order: $ 50.99
Find Great Deals on Millions of Items Storewide
We hope you found this message to be useful. However, if you'd rather not receive future e-mails of this sort from Amazon.com, please opt-out here.
� 2012 Amazon.com, Inc. or its affiliates. All rights reserved. Amazon, Amazon.com, the Amazon.com logo and 1-Click are registered trademarks of Amazon.com, Inc. or its affiliates. Amazon.com, 475 Larry Ave. N., Seattle, MI 83304-6203. Reference: 61704824
Please note that this message was sent to the following e-mail address: [redacted]
The malicious payload is at [donotclick]evokeunreasoning.pro/detects/slowly_apply.php but at the time of writing the domain does not seem to be resolving.