Doctor Web examines new backdoor for Windows
December 22, 2017
The Trojan dubbed BackDoor.Anunak.142 exchanges information with its C&C server by generating encrypted packages. In addition, the header of each package and block of sent data are encrypted separately. This new backdoor can infect devices running on 64-bit Windows versions. There is also a 32-bit modification of this Trojan. It’s numerical order is 124.
BackDoor.Anunak.142 can perform the following actions on an infected device:
- Download files from a specific remote server;
- Upload files to a remote server;
- Launch a file on an infected device;
- Execute commands in the cmd.exe console;
- Redirect traffic between ports;
- Download and install its own modules.
A BackDoor.Anunak.142 signature is already in the Dr.Web virus databases; therefore, this malicious program poses no threat to our users.
|More about the Trojan|
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.