Malware

Pterois

According to Seqrite, this is a loader for a follow-up, side-loaded and in-memory-staged Cobalt Strike Beacon.

Pterois is a Windows malware family operated by Swan Vector.

Background

Seqrite describes this as a loader that brings in a subsequent, side-loaded Cobalt Strike Beacon staged in memory. It relies on SDBM API hashing and retrieves the next stage from Google Drive using credentials hardcoded into the sample.

Source: Malpedia (Fraunhofer FKIE).