Per il corretto funzionamento del sito, è necessario attivare il supporto di JavaScript nel browser.
Linux.Siggen.3185
Aggiunto al database dei virus Dr.Web:
2020-07-02
La descrizione è stata aggiunta:
2020-07-01
Technical Information
To ensure autorun and distribution:
Creates or modifies the following files:
/etc/init.d/anacroni
/etc/init.d/.depend.boot
/etc/init.d/.depend.start
/etc/init.d/.depend.stop
Creates or modifies the following symlinks:
/etc/rc0.d/K02exim4
/etc/rc0.d/K08umountfs
/etc/rc0.d/K05umountnfs.sh
/etc/rc0.d/K03sendsigs
/etc/rc0.d/K04rsyslog
/etc/rc0.d/K07networking
/etc/rc0.d/K07hwclock.sh
/etc/rc0.d/K06rpcbind
/etc/rc0.d/K10halt
/etc/rc0.d/K09umountroot
/etc/rc0.d/K06nfs-common
/etc/rc0.d/K01anacroni
/etc/rc1.d/K02exim4
/etc/rc1.d/K04rsyslog
/etc/rc1.d/K06rpcbind
/etc/rc1.d/K06nfs-common
/etc/rc1.d/K01anacroni
/etc/rc2.d/S02anacroni
/etc/rc3.d/S02anacroni
/etc/rc4.d/S02anacroni
/etc/rc5.d/S02anacroni
/etc/rc6.d/K02exim4
/etc/rc6.d/K08umountfs
/etc/rc6.d/K05umountnfs.sh
/etc/rc6.d/K03sendsigs
/etc/rc6.d/K04rsyslog
/etc/rc6.d/K07networking
/etc/rc6.d/K07hwclock.sh
/etc/rc6.d/K06rpcbind
/etc/rc6.d/K09umountroot
/etc/rc6.d/K10reboot
/etc/rc6.d/K06nfs-common
/etc/rc6.d/K01anacroni
Malicious functions:
Launches itself as a daemon
Manages services:
update-rc.d anacroni defaults 95
systemctl daemon-reload
service anacroni start
Launches processes:
sh -c cp -f <SAMPLE_FULL_PATH> /bin/anacroni
cp -f <SAMPLE_FULL_PATH> /bin/anacroni
sh -c touch -r /bin/sh /etc/init.d/anacroni
touch -r /bin/sh /etc/init.d/anacroni
sh -c chmod 777 /etc/init.d/anacroni
chmod 777 /etc/init.d/anacroni
sh -c chkconfig --add anacroni
sh -c chkconfig anacroni on
sh -c update-rc.d anacroni defaults 95
/sbin/insserv anacroni
sh -c service anacroni start
Performs operations with the file system:
Modifies file access rights:
Creates or modifies files:
Deletes files:
/etc/rc0.d/K01exim4
/etc/rc0.d/K07umountfs
/etc/rc0.d/K04umountnfs.sh
/etc/rc0.d/K02sendsigs
/etc/rc0.d/K03rsyslog
/etc/rc0.d/K06networking
/etc/rc0.d/K06hwclock.sh
/etc/rc0.d/K05rpcbind
/etc/rc0.d/K09halt
/etc/rc0.d/K08umountroot
/etc/rc0.d/K05nfs-common
/etc/rc1.d/K01exim4
/etc/rc1.d/K03rsyslog
/etc/rc1.d/K05rpcbind
/etc/rc1.d/K05nfs-common
/etc/rc6.d/K01exim4
/etc/rc6.d/K07umountfs
/etc/rc6.d/K04umountnfs.sh
/etc/rc6.d/K02sendsigs
/etc/rc6.d/K03rsyslog
/etc/rc6.d/K06networking
/etc/rc6.d/K06hwclock.sh
/etc/rc6.d/K05rpcbind
/etc/rc6.d/K08umountroot
/etc/rc6.d/K09reboot
/etc/rc6.d/K05nfs-common
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
Scaricate Dr.Web per Android
Gratis per 3 mesi
Tutti i componenti di protezione
Rinnovo versione di prova tramite AppGallery/Google Pay
Continuando a utilizzare questo sito, l'utente acconsente al nostro utilizzo di file Cookie e di altre tecnologie per la raccolta di informazioni statistiche sui visitatori. Per maggiori informazioni
OK