Credential stealing seems to be the main goal. Once executed on a machine, the fshec2 malicious payload collects information about the system such as usernames, directory listings, and hostnames ...