216.73.216.86

Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor

· Published 20/03/2025 19:04 · Modified 21/03/2025 14:46

Export JSON

Essential information

Published
20/03/2025 19:04
Modified
21/03/2025 14:46
Tags
2025-03-20 anubisbackdoor apt encryption financial crime hospitality-sector obfuscation phishing python
Related entities
1 intrusion sets (apt), 17 techniques (mitre), 1 malware, 2 others

Description

FIN7, a notorious cybercrime group, has developed a new -based backdoor called . This sophisticated tool employs multi-stage attacks, , and techniques to evade detection. The malware is distributed through campaigns and uses AES with multiple layers of . 's core functionality includes network communication, system access, and anti-analysis features. It can execute commands, manipulate files, and gather system information. The backdoor maintains persistence through Windows Registry and uses a custom command protocol for C2 communication. This new tool demonstrates FIN7's continued evolution in developing covert communication channels and highlights their advanced capabilities in cybercrime operations.

External references