Based on common samples of this archive found in sandboxes like ANY.RUN and automated analysis reports:
: Attempts to connect to a remote IP or a Telegram bot API to upload gathered archives.
: Disconnect the affected machine from the network to prevent data exfiltration.