The hacker group that created the recently publicized Linux malware SambaCry has allegedly created a Windows malware named CowerSnail. Kaspersky researchers based this assumption on the fact that both malware families were using the same command and control (C&C) infrastructure. After installation, the malware escalates its privileges and then starts communicating with the C&C.
Unlike SambaCry, CowerSnail does not download cryptocurrency mining software by default; instead, it works as a backdoor capable of executing commands and payloads, stealing information, and uninstalling itself.
VT link for the payload:
Securelist (Kaspersky Lab): https://securelist.com/