http://stsa.FAQServ.com

 Analysis by: Jeann Therese Muninio

 URL BLOCKING DATE/TIME: 08 Jul 2013 12:00:00 AM GMT-8
 RATING: HIGH
 DOMAIN: FAQServ.com
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_POISON.BTA connects to this URL to send and receive commands from a remote malicious user. This malware uses DLL preloading, a technique more known to be utilized by PlugX.

Related Malware