Analysis by: Jesa Golez

 URL BLOCKING DATE/TIME: 26 Feb 2013 01:25:00 PM GMT-8
 RATING: HIGH
 DOMAIN: admin0805.gnway.net
 CATEGORY: Disease Vector
 DESCRIPTION:

BKDR_RARSTONE.A connects to this site to send and receive commands from a remote malicious user. The malware uses similar techniques as those of PlugX, including process injection and use of blob file.