NEWSREELS (5abc6792-be17-48ee-a765-29cffa4242ee)

The NEWSREELS malware family is an HTTP-based backdoor. When first started, NEWSREELS decodes two strings from its resources section. These strings are both used as C2 channels: one URL is used as a beacon URL (transmitting) and the second URL is used to get commands (receiving). The NEWSREELS malware family is capable of performing file uploads and downloads, creating processes, or creating an interactive reverse shell.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| NewsReels (1d32e7c3-840e-4247-b28b-818cb1c4ae7c) | Malpedia | NEWSREELS (5abc6792-be17-48ee-a765-29cffa4242ee) | Tool | 1 |