http://{BLOCKED}orld.com/1.exe

 Analysis by: Jeann Therese Muninio

 URL BLOCKING DATE/TIME: 08 Jul 2013 12:30:00 PM GMT-8
 RATING: HIGH
 DOMAIN: ngnetworld.com
 CATEGORY: Disease Vector
 DESCRIPTION:

TSPY_FAREIT.ACU connects to this website to download and execute a malicious file. This malware disguises itself as an Opera update. Cybercriminals behind this threat stole an outdated Opera digital certificate, which they used to sign this malware.

Related Malware