He Xu takes a close look at the Andromeda botnet. He Xu’s analysis shows that the Andromeda bot is very flexible and dynamic. It can enhance its abilities in different fields by installing different modules. It can distribute other malware very efficiently. It uses several RC4 keys to encrypt data for communications with C&C servers to make tracing it much more difficult.
Find the full analysis here - https://blog.fortinet.com/A-Good-Look-at-the-Andromeda-Botnet/