http://{BLOCKED}5.28.104/system/prinimalka.py/command

 Analysis by: Michael Donavan Go

 URL BLOCKING DATE/TIME: 27 Jul 2011 06:35:00 PM GMT-8
 RATING: HIGH
 DOMAIN: 213.155.28.104
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_URSNIF.DN connects to this site to send and receive commands from a remote malicious user. This malware monitors specific US banking and financial sites to steal information.

Related Malware