解析者: Giancarlo Ricamora

 ブロック日時: 2012年5月10日 16:45:00 GMT-8
 評価:
 ドメイン名: 208.115.196.130
 カテゴリ: Disease Vector
 概要 :

TSPY_BANKER.EUIQ accesses this site to download its configuration file. Its configuration file contains information such as the IP addresses or website addresses where this spyware redirects the user to, as well as the title strings of target banks.

This is also the site where TROJ_KILSRV.EUIQ may be downloaded from. TROJ_KILSRV.EUIQ is a component of TSPY_BANKER.EUIQ and it uninstalls software that protects Brazilian bank customers when they perform online banking transactions.