Defend what you create

Other Resources


My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Back to news

Doctor Web examines new backdoor for Windows

December 22, 2017

The Anunak backdoor family is a whole range of malicious programs capable of executing cybercriminals’ commands on an infected device. Doctor Web security specialists examined a new family representative. It infects 64-bit versions of Microsoft Windows and encrypts all data exchanged with the command and control server (C&C server).

The Trojan dubbed BackDoor.Anunak.142 exchanges information with its C&C server by generating encrypted packages. In addition, the header of each package and block of sent data are encrypted separately. This new backdoor can infect devices running on 64-bit Windows versions. There is also a 32-bit modification of this Trojan. It’s numerical order is 124.

BackDoor.Anunak.142 can perform the following actions on an infected device:

  • Download files from a specific remote server;
  • Upload files to a remote server;
  • Launch a file on an infected device;
  • Execute commands in the cmd.exe console;
  • Redirect traffic between ports;
  • Download and install its own modules.

A BackDoor.Anunak.142 signature is already in the Dr.Web virus databases; therefore, this malicious program poses no threat to our users.

More about the Trojan

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.

Other comments

The Russian developer of Dr.Web anti-viruses
Doctor Web has been developing anti-virus software since 1992
Dr.Web is trusted by users around the world in 200+ countries
The company has delivered an anti-virus as a service since 2007
24/7 tech support

Dr.Web © Doctor Web
2003 — 2021

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125124