QueenOfHearts is the name researchers have given to one of the three malware families that make up the toolkit of a sophisticated threat actor. The threat actor itself has been assigned the name PowerPool by infosec analysts.
Functionally, QueenOfHearts is extremely similar to another malware family used by the same hackers, KingOfHearts. Both are backdoors with the basic functions expected of that type of malware, which does not make them any less potent. QueenOfHearts is capable of executing commands on the compromised system, manipulating files, drivers and folders, listing all running processes and arbitrarily terminating any of them. The main difference between the two malware threats is that QueenOfHearts lacks the anti-analysis techniques present in KingOfHearts.
To communicate with its Command-and-Control (C2) server, QueenOfHearts uses HTTP GET requests. The server returns commands in the form of two-letter combinations.
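The C2 pattern described above (GET polling that draws a two-letter command) gives a defender one thing to hunt for in HTTP logs: clients that repeatedly receive a 2-byte response body from the same host. The following is an added example written for this page, not code from the researchers' report; the log format, the domain names and the `min_hits` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed, Zeek-style HTTP log lines: ts, src_ip, method, host, uri, resp_body_len.
# Illustrative data only, not captured PowerPool traffic.
SAMPLE_HTTP_LOG = """\
1700000000.000 10.0.0.5 GET cdn.example.test /lib/jquery.js 89211
1700000060.101 10.0.0.7 GET c2.invalid /index.php 2
1700000120.212 10.0.0.7 GET c2.invalid /index.php 2
1700000180.330 10.0.0.7 GET c2.invalid /index.php 2
1700000200.001 10.0.0.9 GET api.example.test /ping 2
1700000240.412 10.0.0.7 GET c2.invalid /index.php 2
1700000300.500 10.0.0.5 GET www.example.test /favicon.ico 1150
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(GET|POST|HEAD)\s+(\S+)\s+(\S+)\s+(\d+)$")


def parse_http_log(text):
    """Parse the constructed log into dicts; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, src, method, host, uri, blen = m.groups()
            records.append({"ts": float(ts), "src": src, "method": method,
                            "host": host, "uri": uri, "resp_len": int(blen)})
    return records


def find_two_byte_get_beacons(records, min_hits=3):
    """Return {(src, host): count} for client/host pairs whose GETs repeatedly
    draw a 2-byte response body.

    A two-letter command fits exactly in a 2-byte body, so a client that keeps
    fetching 2-byte GET responses from one host matches the polling behaviour
    described above. min_hits is a tuning assumption, not a value from any report;
    a single 2-byte reply (e.g. a health-check "OK") is normal and is not flagged.
    """
    counts = defaultdict(int)
    for r in records:
        if r["method"] == "GET" and r["resp_len"] == 2:
            counts[(r["src"], r["host"])] += 1
    return {pair: n for pair, n in counts.items() if n >= min_hits}


if __name__ == "__main__":
    for (src, host), n in find_two_byte_get_beacons(parse_http_log(SAMPLE_HTTP_LOG)).items():
        print(f"{src} -> {host}: {n} two-byte GET responses")
```

Hits should be confirmed against the actual response bodies or a proxy capture before acting on them, since body length alone is a weak signal on its own.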