http://{BLOCKED}sionhunter.ru/sexy/file.php

 Analysis by: Clarisa Joyce Velasco

 URL BLOCKING DATE/TIME: 21 May 2013 06:15:00 PM GMT-8
 RATING: HIGH
 DOMAIN: televisionhunter.ru
 CATEGORY: Disease Vector
 DESCRIPTION:

This URL is included in the configuration file of WORM_ZBOT.GJ. This worm attempts to steal sensitive online banking information, such as user names and passwords. WORM_ZBOT.GJ is notable for its autoupdate and self-propagation routines.

Related Malware