I did a bit of reversing on it and it looks like it's a copy/fork of Aeternum. It takes screenshot and uploads it to a TA controlled infra, makes some eth_call via json rpc to polygon. the C2 is hosted by Organization: Standart AG, LLC (Latvia) ASN: AS207957