http://admin0805.{BLOCKED}y.net

BKDR_RARSTONE.A connects to this site to send and receive commands from a remote malicious user. The malware uses similar techniques as those of PlugX, including process injection and use of blob file.