large-logo-mcafee-dark

Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation BIOLOAD

The FIN7 threat actor, also known as Anunak, targeted entities to drop a malicious backdoor. The group placed a loader DLL file in the "%WINDR%\System32" directory and used a technique known as DLL search order hijacking to abuse the FaceFodUninstaller.exe application. Various techniques were used for persistence and execution including scheduled task, obfuscation, and masquerading.
Name Modified Date Sources
Operation BIOLOAD 2020-01-22