La mia libreria
La mia libreria

+ Aggiungi alla libreria

Supporto
Supporto 24/7 | Regole per contattare

Richieste

Profile

Linux.Siggen.2077

Aggiunto al database dei virus Dr.Web: 2019-08-15

La descrizione è stata aggiunta:

Technical Information

Malicious functions:
Launches itself as a daemon
Substitutes application name for:
  • z0uxpn0vo0
Performs operations with the file system:
Deletes folders:
  • <SAMPLE_FULL_PATH>
Creates or modifies files:
  • <SAMPLE_FULL_PATH>
Deletes files:
  • <SAMPLE_FULL_PATH>
Network activity:
Awaits incoming connections on ports:
  • 127.0.0.1:8888
Establishes connection:
  • 8.#.8.8:53
  • 8.#.4.4:53
  • 20#.###.188.207:8000
HTTP GET requests:
  • http://###.#6.221.101/
DNS ASK:
  • oh####.#aiseyourdongers.pw
Sends data to the following servers:
  • 15#.###.158.173:8080
  • 59.###.182.107:82
  • 74.###.69.123:80
  • 20#.#3.89.23:81
  • 26.###.40.150:88
  • 89.###.101.193:88
  • 69.###.236.200:82
  • 67.###.213.167:80
  • 15#.##9.131.24:8000
  • 22#.#2.48.52:88
  • 22#.###.169.219:8000
  • 27.###.26.223:8000
  • 81.##.191.15:81
  • 83.###.110.173:8000
  • 11#.###.235.152:8000
  • 19#.#.165.238:8080
  • 18#.##1.166.38:80
  • 44.###.178.252:80
  • 24#.##8.134.24:88
  • 17#.#05.1.97:82
  • 68.##.74.186:8080
  • 11#.##.49.193:8080
  • 15#.##.47.230:81
  • 11.##.48.76:8000
  • 10#.##.69.151:82
  • 39.##.108.18:8080
  • 14#.###.167.143:8080
  • 18#.##5.222.35:80
  • 11#.##.217.150:8000
  • 21#.##4.62.33:82
  • 98.##.161.80:80
  • 91.##.171.250:8080
  • 22#.##9.12.225:82
  • 20#.##.68.207:8080
  • 15#.##3.27.173:80
  • 13#.##.220.230:80
  • 70.###.52.244:80
  • 22#.#.231.97:88
  • 11#.##8.109.63:88
  • 17#.##.81.199:8000
  • 25.###.37.227:82
  • 14#.##3.53.222:8080
  • 25#.##.191.53:80
  • 70.###.117.103:82
  • 20#.##.196.175:80
  • 16#.#2.88.27:82
  • 20#.##.212.25:8000
  • 24.##.80.20:8080
  • 97.###.62.50:8080
  • 60.###.86.234:8000
  • 18#.##.103.220:81
  • 33.##.18.41:80
  • 41.###.189.236:8000
  • 94.###.151.252:8080
  • 28.###.196.11:88
  • 37.#.#6.253:8000
  • 32.##.0.237:88
  • 86.##.22.97:82
  • 24#.##1.81.150:8000
  • 11#.##6.71.208:88
  • 13#.##.237.241:81
  • 14#.##7.102.75:8000
  • 13#.##8.11.195:81
  • 63.###.214.176:81
  • 16#.##.125.169:81
  • 24#.##0.247.83:8080
  • 23#.##4.155.73:82
  • 23#.##.242.89:88
  • 24#.##5.94.226:88
  • 14#.##7.197.213:80
  • 23#.##.39.136:80
  • 20#.###.232.193:8080
  • 12#.##1.79.69:80
  • 1.##.#06.181:8080
  • 12#.##.49.3:8000
  • 18#.##2.79.179:82
  • 4.##.39.5:82
  • 18#.##4.41.122:81
  • 21#.##8.152.170:80
  • 19#.##.66.234:81
  • 14#.##.109.46:81
  • 32.##.232.25:88
  • 96.###.135.142:88
  • 57.##.246.130:81
  • 11#.##.141.233:88
  • 60.##4.85.19:81
  • 48.###.143.6:8080
  • 75.##.222.94:80
  • 17#.##6.97.52:81
  • 24#.##2.17.72:80
  • 23#.##.76.98:8000
  • 15#.##.30.3:8080
  • 24#.##9.174.67:8000
  • 4.###.231.11:88
  • 52.##.157.63:8080
  • 94.#.117.163:81
  • 5.###.217.159:82
  • 23#.#2.48.89:80
  • 21#.##.222.63:88
  • 22#.#.146.160:88
  • 12#.##4.72.107:81
  • 19#.##5.226.70:88
  • 74.##4.63.11:82
  • 20#.##6.5.155:80
  • 17#.##.53.116:88
  • 20#.##8.88.212:82
  • 24#.#8.8.233:88
  • 3.##.226.63:82
  • 96.##.221.202:81
  • 52.###.119.254:81
  • 17#.##.244.68:8080
  • 17#.##.107.167:80
  • 21#.##7.44.102:80
  • 13#.##1.185.141:82
  • 23#.##3.125.148:81
  • 22#.##4.0.158:82
  • 19#.##4.11.144:80
  • 10.##4.21.13:82
  • 23#.##2.230.242:81
  • 19.###.31.153:80
  • 22#.##.29.166:80
  • 18#.##.245.149:81
  • 11#.##.73.65:8000
  • 23.###.201.125:8000
  • 16#.##2.244.100:82
  • 19#.##.196.224:80
  • 13#.##6.64.47:80
  • 60.###.222.189:8000
  • 16.###.180.226:88
  • 10.###.68.175:8080
  • 63.###.252.64:88
  • 17#.#.1.245:82
  • 53.###.178.77:88
  • 12#.##8.43.110:8000
  • 23.###.147.217:88
  • 8.###.205.187:82
  • 56.###.34.189:8000
  • 12#.##0.0.228:8000
  • 22#.##.112.194:8080
  • 23#.##5.199.187:80
  • 12.###.249.152:81
  • 20#.###.188.207:8000
  • 13#.##7.16.116:81
  • 96.##.203.134:81
  • 14#.##8.146.1:88
  • 11#.##8.130.34:82
  • 17.###.163.157:82
  • 24#.##3.164.105:80
  • 56.###.224.133:80
  • 13#.##4.0.207:82
  • 57.##.159.219:81
  • 10#.#37.45.1:81
  • 20#.###.232.144:8080
  • 20#.##0.239.221:80
  • 18#.##.162.147:82
  • 21#.##.187.123:88
  • 23.##.25.76:8000
  • 10#.##8.2.192:8080
  • 12#.##4.181.33:88
  • 91.##.196.185:8000
  • 12#.##.242.116:81
  • 15#.##.115.89:80
  • 23#.##5.222.99:80
  • 26.#.212.115:80
  • 86.##.108.187:8080
  • 25#.#.135.238:80
  • 1.##.#9.180:8000
  • 9.##.213.171:81
  • 39.##5.195.9:88
  • 10#.###.133.104:8080
  • 10#.##8.128.12:82
  • 43.##9.42.34:88
  • 25#.##.120.98:8080
  • 20#.###.181.117:8080
  • 23#.##.134.64:82
  • 20#.##7.161.11:8000
  • 21#.#.78.143:8000
  • 17#.##4.93.221:88
  • 37.###.151.247:8000
  • 13#.##3.253.35:8000
  • 15.##.113.63:82
  • 45.###.173.206:88
  • 71.###.216.215:82
  • 24#.##8.153.147:82
  • 15.###.1.165:8080
  • 15#.##8.79.185:82
  • 24#.##.169.16:82
  • 6.##.#09.93:8080
  • 17#.##9.186.14:8000
  • 11#.##0.197.231:81
  • 1.##.#63.248:8000
  • 17#.#.137.1:82
  • 15#.###.230.252:8080
  • 11#.##9.71.188:88
  • 15#.##6.10.187:8080
  • 18#.##1.128.70:81
  • 61.###.113.166:8000
  • 38.##0.72.65:82
  • 10#.###.164.193:8080
  • 24#.##9.161.62:80
  • 25#.##.249.103:88
  • 21#.##7.204.158:80
  • 66.#.#04.103:8000
  • 6.###.65.172:80
  • 11#.##.229.143:80
  • 22#.##2.204.104:82
  • 24#.##.173.52:8080
  • 19#.##3.62.206:81
  • 63.###.169.85:88
  • 11#.##0.74.66:81
  • 10#.##2.74.17:8000
  • 21#.#5.1.151:82
  • 32.###.32.153:80
  • 89.###.184.205:88
  • 12#.##1.240.157:82
  • 20#.###.254.241:8080
  • 24#.##7.40.18:80
  • 14#.##2.131.82:80
  • 94.###.59.149:82
  • 11#.##.189.145:81
  • 70.##.97.71:81
  • 49.###.138.158:8000
  • 11.###.104.137:88
  • 14#.##4.207.150:88
  • 21#.##6.228.99:80
  • 22#.##0.215.30:81
  • 21#.#1.3.231:82
  • 10#.##6.244.15:82
  • 14#.##5.153.205:80
  • 19#.##2.232.23:88
  • 45.##.71.156:81
  • 15#.##1.55.116:8080
  • 45.##.250.57:8000
  • 13#.###.168.201:8080
  • 26.##.121.244:88
  • 23#.##.194.180:82
  • 15#.##1.219.237:82
  • 10#.##4.164.56:88
  • 38.#.202.106:81

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number