VIDEOKILLER

Description

(FireEye) VIDEOKILLER is a .NET backdoor similar to RADIOSTAR that handles commands from the C&C server. It masquerades as conhost.exe. The majority of strings it contains are Base64 encoded, though some are not, such as the string “It’s Ok” which is potentially used for logging throughout execution.

Names

Name
VIDEOKILLER

Type

Backdoor

Information

https://content.fireeye.com/web-assets/rpt-unc1151-ghostwriter-update

Other Information

Uuid

989eb461-9f94-496a-a0c1-9218ab31462f

Last Card Change

2021-05-15

Threat Intelligence Garden

Explorer

VIDEOKILLER

VIDEOKILLER

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks