Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support Rules regarding submitting

Send a message

Your tickets

Profile

Back to news

Doctor Web examines new backdoor for Windows

December 22, 2017

The Anunak backdoor family is a whole range of malicious programs capable of executing cybercriminals’ commands on an infected device. Doctor Web security specialists examined a new family representative. It infects 64-bit versions of Microsoft Windows and encrypts all data exchanged with the command and control server (C&C server).

The Trojan dubbed BackDoor.Anunak.142 exchanges information with its C&C server by generating encrypted packages. In addition, the header of each package and block of sent data are encrypted separately. This new backdoor can infect devices running on 64-bit Windows versions. There is also a 32-bit modification of this Trojan. It’s numerical order is 124.

BackDoor.Anunak.142 can perform the following actions on an infected device:

  • Download files from a specific remote server;
  • Upload files to a remote server;
  • Launch a file on an infected device;
  • Execute commands in the cmd.exe console;
  • Redirect traffic between ports;
  • Download and install its own modules.

A BackDoor.Anunak.142 signature is already in the Dr.Web virus databases; therefore, this malicious program poses no threat to our users.

More about the Trojan

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2018

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040