Anchor

Description

(Cybereason) During our investigation, we found several unidentified malware samples related to TrickBot infections. The malware is dubbed Anchor by its authors and has been active since August 2018. Unlike Anchor_DNS, the Anchor malware does not implement communication over DNS. However, it does share many behavioral, code, and string similarities with Anchor_DNS and some similarities to TrickBot.

Names

Name
Anchor
Anchor_DNS

Type

Backdoor

Information

https://www.cybereason.com/blog/dropping-anchor-from-a-trickbot-infection-to-the-discovery-of-the-anchor-malware
https://www.bleepingcomputer.com/news/security/trickbots-new-linux-malware-covertly-infects-windows-devices/
https://thedfirreport.com/2021/03/08/bazar-drops-the-anchor

Mitre Attack

https://attack.mitre.org/software/S0504/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.anchor

Other Information

Uuid

6bbe4681-573c-417b-bb91-657aef026509

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

Anchor

Anchor

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks