Ankit Anubhav on Twitter: "#Grandoeiro Anti sandbox - To run the malware exe victim needs to solve a captcha. Use of azure cloudapp, malware does a POST with string "INFECTADO" Connects to a HFS server - It looks like XML but in reality these are archives hiding exe payload. 300MB+ size. C2 : ciscofreak😂 https://t.co/jSnuQIPiFQ" / Twitter
https://twitter.com/ankit_anubhav/status/1555521068734902272