QueenOfHearts

QueenOfHearts Description

QueenofHearts is the researchers' name to one of three malware families that comprise the toolkit of a sophisticated threat actor. This particular threat has been assigned the name PowerPool by infosec analysts. 

Functionally, QueenOfHearts is extremely similar to the other malware family employed by the hackers called KingofHearts. They are both backdoor threats possessing the basing function expected from such a type of malware. That doesn't make them any less potent, though. QueenOfHearts is capable of executing commands on the compromised system, manipulating files, drivers, and folders, as well as listing all running processes and arbitrarily terminating any of them. The main difference between the two malware threats is that QueenOfHearts lacks the anti-analysis techniques present in KingOfHearts. 

To communicate with its Command-and-Control server, QueenOfHearts uses HTTP and makes GET requests. Commands are returned in the form of two-letter combinations.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.