The Zebrocy trojan is a custom downloader malware used by APT Sofacy (a.k.a. APT28, Fancy Bear or Sednit) It’s functionally much the same as its other versions, but the new code was written using the Go programming language. The similarities between the new payload and previous versions start with the same command-and-control (C2) URL. The new code also uses ASCII hexadecimal obfuscation of strings and uses the output from systeminfo and tasklist in the C2 beacon.
Source: https://threatpost.com/russia-linked-sofacy-debuts-fresh-zebrocy-malware-variant/140064/