Backdoor:OSX/Sabpab.A connects to a remote server to receive further instructions, without the knowledge or permission from the user.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
The malware drops the following copy of itself:
It creates the following launchpoint for the file above:
The malware connects to a remote server to obtain additional commands. The server varies between samples. As of this writing, there are two known servers:
The backdoor is capable of performing the following actions: