malware-ioc/SavageLadybug/AnubisBackdoor.md at master ·
prodaft/malware-ioc
By prodaftcatalyst
Archived: 2026-04-06 01:33:25 UTC
Latest commit
Mar 11, 2025
File metadata and controls
22 lines (16 loc) · 705 Bytes
Anubis Backdoor
A Python-based backdoor used by the Savage Ladybug (FIN7) group is developed to provide remote access,
execute commands, and steal data. It is obfuscated to avoid detection.
The full report is available here.
Indicators of Compromise (IOC)
Backend servers
38.134.148.20
5.252.177.249
212.224.107.203
195.133.67.35
File Hashes
SHA256
03a160127cce3a96bfa602456046cc443816af7179d771e300fec80c5ab9f00f
5203f2667ab71d154499906d24f27f94e3ebdca4bba7fe55fe490b336bad8919
Source: https://github.com/prodaft/malware-ioc/blob/master/SavageLadybug/AnubisBackdoor.md
https://github.com/prodaft/malware-ioc/blob/master/SavageLadybug/AnubisBackdoor.md
Page 1 of 1