Names | BackBend | |
Category | Malware | |
Type | Downloader | |
Description | FireEye describes BACKBEND as a secondary downloader used as a backup mechanism in the case the primary backdoor is removed. When executed, BACKBEND checks for the presence of the mutexes MicrosoftZj or MicrosoftZjBak (both associated with Backspace variants). If either of the mutexes exist, the malware exits. | |
Information | <https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.backbend> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:BACKBEND> |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
APT 30, Override Panda | 2005 | ||||
Naikon, Lotus Panda | 2010-Apr 2022 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |