NewsReels
Description
The NEWSREELS malware family is an HTTP-based backdoor. When first started, NEWSREELS decodes two strings from its resources section. Both strings are URLs used as C2 channels: one is the beacon URL (transmitting) and the other is used to get commands (receiving). NEWSREELS can upload and download files, create processes, and create an interactive reverse shell.
Names
Name |
---|
NewsReels |
Category
Malware
Type
- Backdoor
- Exfiltration
Information
- https://www.fireeye.com/blog/threat-research/2014/01/tracking-malware-import-hashing.html
- http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html
Malpedia
Other Information
Uuid
40b53b58-bd6a-4207-b094-b3e015ecd24e
Last Card Change
2020-04-23