Malware

BACKBEND

FireEye describes BACKBEND as a secondary downloader used as a backup mechanism in case the primary backdoor is removed.

BACKBEND is a Windows malware family operated by APT 30.

Background

FireEye characterizes BACKBEND as a secondary downloader that serves as a fallback should the primary backdoor be eliminated. On execution, it looks for the mutexes MicrosoftZj or MicrosoftZjBak, both tied to BACKSPACE variants, and terminates if either one is present.


Source: Malpedia (Fraunhofer FKIE).