http://webmail.{BLOCKED}antravel.com:8080/forum/viewtopic.php

 Analysis by: Clarisa Joyce Velasco

 URL BLOCKING DATE/TIME: 29 Aug 2013 08:20:00 PM GMT-8
 RATING: HIGH
 DOMAIN: alsultantravel.com
 CATEGORY: Disease Vector
 DESCRIPTION:

TSPY_FAREIT.AFM attempts to steal stored account information and other sensitive information and send the gathered information via HTTP POST to this URL. This FARFEIT variant is the final payload of a Blackhole Exploit Kit related spam run.