According to Mandiant, this is a tunneler, likely based on an open-source Socks4a proxy, that communicates using Azure cloud infrastructure.
There is no Yara-Signature yet.
If your designated proposal does not fit in any other category, feel free to write a free-text in the comment field below.
Please propose all changes regarding references on the Malpedia library page
Your suggestion will be reviewed before being published. Thank you for contributing!
YYYY-MM-DD
YYYY-MM
YYYY