k0h1defsBTLO | Network Analysis — Malware CompromiseAs I opened the pcap, I saw the first HTTP GET request to klychenogg[.]com which is possibly a sign of php execution.Feb 5Feb 5