| http://www.w3.org/ns/prov#value | - CNC COMMANDSThe response we received from the above GET requests was a 404 so we forged the responses and analyzed one of the samples to see how it behaves upon receiving valid responses.At a very high level these are the following things the malware does:It receives command and control information as base64 encoded strings using a custom character set, which is further scrambled using a custom-sc
|
