Doctor Web examines new backdoor for Windows
December 22, 2017
The Trojan dubbed BackDoor.Anunak.142 exchanges information with its C&C server by generating encrypted packages. In addition, the header of each package and block of sent data are encrypted separately. This new backdoor can infect devices running on 64-bit Windows versions. There is also a 32-bit modification of this Trojan. It’s numerical order is 124.
BackDoor.Anunak.142 can perform the following actions on an infected device:
- Download files from a specific remote server;
- Upload files to a remote server;
- Launch a file on an infected device;
- Execute commands in the cmd.exe console;
- Redirect traffic between ports;
- Download and install its own modules.
A BackDoor.Anunak.142 signature is already in the Dr.Web virus databases; therefore, this malicious program poses no threat to our users.
| More about the Trojan |
Get Dr.Weblings for participating in activities on our website
1 activity = 1 Dr.Webling
Rate
Repost
![[VK]](http://st.drweb.com/static/new-www/social/no_radius/vkontakte.png)
![[Twitter]](http://st.drweb.com/static/new-www/social/no_radius/twitter.png)
Like
![[facebook]](http://st.drweb.com/static/new-www/social/no_radius/facebook.png)
To get your award points, go to the news page when logged in under your Doctor Web account (or create an account). Your account must be linked with one of your social network accounts in order for you to receive award points for participating in our website activities.
What is the benefit of having an account? | How can I earn Dr.Webling award points?
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.
Other comments