Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects Infostealer.Scranos activity.

Additional Information

Infostealer.Scranos is an infostealer with kernel-level rootkit capability. The rootkit injects code into svchost.exe, which then tries to download further payloads from the C2 server. This signature detects the first-level GET request, sent to the C2 with some parameters, that is used to introduce a new infection.


  • Windows


