Analysis by: Sheiree Salvago

 URL BLOCKING DATE/TIME: 29 Jun 2010 04:40:00 AM GMT-8
 RATING: HIGH
 DOMAIN: ohphahfech.ru/
 CATEGORY: Disease Vector
 DESCRIPTION:

This is where TSPY_ZBOT.BWF downloads its configuration file. This configuration file contains the list of targeted banks, where it can download an updated copy of itself and where to send the stolen information.

Related Malware