http://{BLOCKED}5.29.152/system/prinimalka.py/forms

 Analysis by: Michael Donavan Go

 URL BLOCKING DATE/TIME: 22 Nov 2012 02:10:00 PM GMT-8
 RATING: HIGH
 DOMAIN: 213.155.29.152
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_URSNIF.DN sends the gathered information to this site via HTTP post. The said malware monitors specific US banking and financial sites to steal information.

Related Malware