Tag
Detection of DNS queries to api.telegram.org by processes other than telegram.exe indicates potential command and control communication via Telegram bots, a technique leveraged by malware to establish covert communication channels.