http://{BLOCKED}oxylists.net/img/google.bmp

 Analysis by: Jerowin Santillan

 URL BLOCKING DATE/TIME: 21 Mar 2013 12:45:00 PM GMT-8
 RATING: HIGH
 DOMAIN: freeproxylists.net
 CATEGORY: Disease Vector
 DESCRIPTION:

TROJ_DLDR.HB connects to this URL to download a file and saves it as %System%\tefrcft.gif. This malware is involved in the cyber attacks that targeted specific users in South Korea during March of 2013.