La mia libreria
La mia libreria

+ Aggiungi alla libreria

Supporto
Supporto 24/7 | Regole per contattare

Richieste

Profile

Linux.Siggen.2266

Aggiunto al database dei virus Dr.Web: 2019-10-22

La descrizione è stata aggiunta:

Technical Information

Malicious functions:
Launches itself as a daemon
Substitutes application name for:
  • M1jcXhHTSMschJhcqsKpb04YLZhOoXHT
Kills system processes:
  • sshd
Kills the following processes:
  • exim4
  • bash
  • run.sh
Network activity:
Awaits incoming connections on ports:
  • 0.0.0.0:8083
Establishes connection:
  • 8.#.8.8:53
  • 18#.###.105.160:37009
  • 25#.###.255.255:37009
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 14#.##1.115.118:23
  • 31.##.63.96:23
  • 15#.##5.215.139:23
  • 21#.##.106.32:23
  • 47.###.202.166:23
  • 63.##.239.139:23
  • 19#.##.112.210:23
  • 19#.##5.108.11:23
  • 19#.##8.221.188:23
  • 20#.##.147.225:23
  • 87.###.221.211:23
  • 83.###.89.121:23
  • 16#.##1.104.68:23
  • 64.###.96.178:23
  • 32.###.157.243:23
  • 17#.##1.147.9:23
  • 16#.#6.91.54:23
  • 16#.##1.46.253:23
  • 19#.##.115.173:23
  • 15#.##2.126.250:23
  • 18#.#38.3.2:23
  • 18#.##6.140.12:23
  • 2.##.223.172:23
  • 21#.##.127.108:23
  • 35.##.178.12:23
  • 13#.##7.60.105:23
  • 12#.##1.137.181:23
  • 18#.##.69.252:23
  • 11#.##.252.34:23
  • 77.###.138.244:23
  • 47.##.107.204:23
  • 12#.##.200.107:23
  • 94.##6.16.41:23
  • 18#.##4.49.249:23
  • 48.##.2.217:23
  • 19#.##.200.96:23
  • 36.###.76.191:23
  • 12#.##5.128.67:23
  • 18#.##1.181.214:23
  • 24.###.139.208:23
  • 10#.##5.26.55:23
  • 13#.#2.96.59:23
  • 14#.##0.117.64:23
  • 18#.##.16.158:23
  • 11#.##5.124.216:23
  • 83.###.184.87:23
  • 19#.##4.190.45:23
  • 17#.##4.166.221:23
  • 64.##.13.203:23
  • 13#.##1.15.215:23
  • 18.##5.67.66:23
  • 17#.##9.173.60:23
  • 19#.##0.104.245:23
  • 22#.#2.90.62:23
  • 10#.##5.136.91:23
  • 17#.#5.3.2:23
  • 82.###.143.71:23
  • 17#.##0.67.200:23
  • 10#.#.224.128:23
  • 18#.##4.10.195:23
  • 13#.#1.111.0:23
  • 15#.##.198.93:23
  • 16#.##3.161.1:23
  • 73.###.24.213:23
  • 99.##.25.224:23
  • 13#.#5.93.99:23
  • 11#.##9.150.115:23
  • 17#.##9.30.18:23
  • 19#.##7.57.92:23
  • 18#.##.198.33:23
  • 74.##.77.121:23
  • 10#.##8.120.139:23
  • 11#.##.115.202:23
  • 63.##.132.73:23
  • 21#.##5.14.59:23
  • 19#.##.224.227:23
  • 99.###.157.83:23
  • 2.##.99.218:23
  • 19#.##9.245.160:23
  • 13#.##.127.88:23
  • 12#.#.177.191:23
  • 47.##.117.50:23
  • 15#.#65.1.93:23
  • 14#.##3.248.136:23
  • 15#.##4.226.115:23
  • 61.##.49.41:23
  • 18#.##7.49.185:23
  • 11#.##2.215.45:23
  • 40.##.6.214:23
  • 74.##.249.51:23
  • 68.###.127.244:23
  • 12#.##3.125.244:23
  • 21#.##9.143.109:23
  • 23.###.143.58:23
  • 5.##.172.84:23
  • 21#.##2.41.124:23
  • 41.##9.58.44:23
  • 10#.##7.186.33:23
  • 97.###.217.97:23
  • 58.##.232.153:23
  • 17#.#3.69.87:23
  • 60.###.188.131:23
  • 97.##7.87.8:23
  • 15#.##2.163.24:23
  • 79.##.152.113:23
  • 18#.##0.137.50:23
  • 58.##.211.171:23
  • 19#.##.185.232:23
  • 13#.##.102.149:23
  • 67.##3.1.112:23
  • 77.##.105.72:23
  • 8.##.2.77:23
  • 15#.#9.41.25:23
  • 16#.##0.38.69:23
  • 13#.##0.19.155:23
  • 41.###.236.176:23
  • 72.###.221.222:23
  • 21#.##8.105.163:23
  • 34.###.21.174:23
  • 10#.##4.102.61:23
  • 18#.#.239.208:23
  • 79.##.198.213:23
  • 16#.##4.151.75:23
  • 18#.##2.117.246:23
  • 12#.##.100.134:23
  • 16#.##7.191.226:23
  • 44.##.251.91:23
  • 15#.##2.202.189:23
  • 90.##5.1.117:23
  • 15#.##5.121.90:23
  • 12#.##6.81.213:23
  • 91.###.170.245:23
  • 17#.##.86.132:23
  • 27.###.218.172:23
  • 61.###.199.116:23
  • 20#.##4.114.137:23
  • 48.###.208.36:23
  • 99.##.72.2:23
  • 19#.##.217.68:23
  • 8.###.193.9:23
  • 13.###.244.33:23
  • 20#.##.212.202:23
  • 11#.##.146.160:23
  • 63.###.29.178:23
  • 1.##.177.47:23
  • 18#.##0.253.148:23
  • 10#.##8.177.9:23
  • 15#.##.238.235:23
  • 20#.##.89.238:23
  • 18#.##3.150.55:23
  • 44.###.38.143:23
  • 12#.##8.55.17:23
  • 79.##.99.235:23
  • 17#.##5.125.171:23
  • 15#.##4.221.178:23
  • 31.###.214.66:23
  • 35.##.93.75:23
  • 20#.##7.178.19:23
  • 20#.##2.77.240:23
  • 20#.##8.28.21:23
  • 96.###.203.207:23
  • 20#.##.209.149:23
  • 17#.##7.241.171:23
  • 20.##1.57.26:23
  • 73.##.2.30:23
  • 14.###.62.111:23
  • 90.##9.54.68:23
  • 20#.##2.71.169:23
  • 97.###.181.128:23
  • 16#.#.198.13:23
  • 22#.##3.107.7:23
  • 11#.##.32.143:23
  • 20#.##.133.111:23
  • 40.###.222.100:23
  • 14#.##9.89.76:23
  • 14#.#7.122.0:23
  • 35.###.38.210:23
  • 68.###.127.224:23
  • 18.##.109.69:23
  • 46.###.216.254:23
  • 41.##4.40.26:23
  • 15#.##7.255.239:23
  • 15#.#7.1.43:23
  • 19#.##7.95.77:23
  • 36.###.164.57:23
  • 13#.##5.34.145:23
  • 18#.##.169.206:23
  • 42.##.102.69:23
  • 16#.##.252.216:23
  • 81.##.59.120:23
  • 24.##.136.4:23
  • 14#.##7.244.72:23
  • 19#.##3.100.93:23
  • 12#.##6.243.53:23
  • 21#.##4.23.243:23
  • 1.###.220.150:23
  • 21#.##2.22.112:23
  • 20#.##.82.221:23
  • 10#.##3.215.65:23
  • 11#.##5.114.84:23
  • 10#.##7.48.153:23
  • 77.##7.22.91:23
  • 19#.##1.151.177:23
  • 18#.##3.187.60:23
  • 23.##.120.10:23
  • 91.###.186.17:23
  • 36.###.146.12:23
  • 15#.##.224.126:23
  • 13#.#8.239.1:23
  • 19#.##0.204.75:23
  • 17#.##0.22.232:23
  • 19#.#.25.159:23
  • 8.#.#34.44:23
  • 64.###.87.102:23
  • 13#.##6.129.176:23
  • 16#.##6.132.59:23
  • 12#.##7.54.104:23
  • 19#.##.146.193:23

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number