Doctor Web examines new backdoor for Windows
Real-time threat news | Hot news | All the news | Virus alerts
December 22, 2017
The Trojan dubbed BackDoor.Anunak.142 exchanges information with its C&C server by generating encrypted packages. In addition, the header of each package and block of sent data are encrypted separately. This new backdoor can infect devices running on 64-bit Windows versions. There is also a 32-bit modification of this Trojan. It’s numerical order is 124.
BackDoor.Anunak.142 can perform the following actions on an infected device:
- Download files from a specific remote server;
- Upload files to a remote server;
- Launch a file on an infected device;
- Execute commands in the cmd.exe console;
- Redirect traffic between ports;
- Download and install its own modules.
A BackDoor.Anunak.142 signature is already in the Dr.Web virus databases; therefore, this malicious program poses no threat to our users.
More about the Trojan |