Malware

BACKORDER

According to EclecticIQ, BACKORDER is a downloader written in Go that can add path exclusions to Windows Defender so that the payloads it fetches execute without raising alerts.

BACKORDER is a Windows malware family operated by Sandworm.

Background

EclecticIQ reports that this Go-based downloader can add exclusion paths to Windows Defender so that the payloads it retrieves can run without triggering alerts.


Source: Malpedia (Fraunhofer FKIE).