 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: BackBend| Names | BackBend | |
| Category | Malware | |
| Type | Downloader | |
| Description | FireEye describes BACKBEND as a secondary downloader used as a backup mechanism in the case the primary backdoor is removed. When executed, BACKBEND checks for the presence of the mutexes MicrosoftZj or MicrosoftZjBak (both associated with Backspace variants). If either of the mutexes exist, the malware exits. | |
| Information | <https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.backbend> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:BACKBEND> | |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
Previous: BabyShark
Next: BackConfig
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 30, Override Panda |  | 2005 | |||
| Naikon, Lotus Panda | | 2010-Apr 2022 | |||
2 groups listed (2 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |