La mia libreria
La mia libreria

+ Aggiungi alla libreria

Supporto
Supporto 24/7 | Regole per contattare

Richieste

Profile

Linux.Packed.940

Aggiunto al database dei virus Dr.Web: 2020-10-02

La descrizione è stata aggiunta:

Technical Information

Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
  • iz5knfgyrjft1ikmtrwhjwwv
Network activity:
Awaits incoming connections on ports:
  • 19#.##8.216.50:3467
Establishes connection:
  • 8.#.8.8:53
  • 5.###.227.140:4321
  • 5.###.227.140:7685
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 5.###.227.140:4321
  • 5.###.227.140:7685
  • 0.0.0.0:0
  • 53.##.16.109:23
  • 25#.##0.69.250:23
  • 58.##.59.123:23
  • 97.###.95.151:23
  • 17#.##.243.197:23
  • 42.###.95.237:23
  • 43.###.121.30:23
  • 29.##.0.243:23
  • 91.##.219.33:23
  • 24#.##.255.114:23
  • 25#.##9.240.150:23
  • 16#.##3.148.74:23
  • 12#.##.155.216:23
  • 48.###.14.186:23
  • 42.##.110.125:23
  • 54.###.201.45:23
  • 20#.##6.219.190:23
  • 20#.##2.15.46:23
  • 10#.##3.170.188:23
  • 12#.##5.121.30:23
  • 12#.#1.5.234:23
  • 12#.##.38.205:23
  • 33.##.204.78:23
  • 21#.##0.26.116:23
  • 1.###.72.177:23
  • 61.###.199.224:23
  • 25.###.150.74:23
  • 14#.#4.32.54:23
  • 22#.#1.54.92:23
  • 43.###.57.207:23
  • 12#.##4.21.71:23
  • 19#.##5.18.173:23
  • 13#.##2.47.75:23
  • 19#.##8.18.73:23
  • 36.#.243.105:23
  • 47.##.188.86:23
  • 28.##.235.17:23
  • 42.###.240.232:23
  • 51.##.58.52:23
  • 54.###.177.19:23
  • 79.##.59.117:23
  • 32.##.4.71:23
  • 10#.##3.196.150:23
  • 71.###.131.137:23
  • 25#.##6.11.147:23
  • 16#.##3.124.128:23
  • 14#.##.180.231:23
  • 81.###.234.202:23
  • 16#.##.122.32:23
  • 18#.##0.215.134:23
  • 11#.##.92.179:23
  • 12.###.118.247:23
  • 12#.##.228.154:23
  • 22#.#1.95.91:23
  • 23#.##9.173.93:23
  • 10.##.91.230:23
  • 84.###.251.191:23
  • 10.###.119.194:23
  • 61.###.247.166:23
  • 20#.##.151.145:23
  • 12#.##2.176.128:23
  • 15#.##4.149.194:23
  • 13#.##1.14.99:23
  • 14#.##0.116.15:23
  • 96.###.147.77:23
  • 81.##.254.61:23
  • 24#.##2.188.101:23
  • 17#.#3.15.48:23
  • 24#.##4.193.50:23
  • 20#.##.127.170:23
  • 51.##.118.238:23
  • 11#.##7.151.1:23
  • 57.##.55.14:23
  • 66.###.138.101:23
  • 46.#.171.240:23
  • 91.##5.87.7:23
  • 17#.##0.152.5:23
  • 55.##6.67.30:23
  • 14#.##3.152.197:23
  • 11#.#2.66.42:23
  • 32.###.41.230:23
  • 19#.##6.19.10:23
  • 21#.#6.8.107:23
  • 21#.##.118.124:23
  • 16#.##9.72.230:23
  • 24#.##.190.149:23
  • 11#.##8.31.172:23
  • 22#.##3.249.128:23
  • 22#.##.48.130:23
  • 21#.##7.41.152:23
  • 10#.##9.145.14:23
  • 25#.##9.144.121:23
  • 17#.##4.27.146:23
  • 15#.##.19.229:23
  • 32.##.198.59:23
  • 81.###.212.209:23
  • 25#.##9.142.175:23
  • 21#.##.151.251:23
  • 19#.##.58.112:23
  • 19.##.173.94:23
  • 16#.##.60.184:23
  • 19#.##.248.242:23
  • 21.##4.85.90:23
  • 16#.##.49.135:23
  • 19.##.57.64:23
  • 13#.##.133.49:23
  • 70.###.38.238:23
  • 71.###.127.105:23
  • 19#.##1.102.141:23
  • 23#.##6.218.79:23
  • 26.##.116.179:23
  • 17.###.55.173:23
  • 18#.##4.145.119:23
  • 18#.##.243.26:23
  • 24#.##9.202.12:23
  • 38.##.243.220:23
  • 89.###.182.31:23
  • 66.##.145.197:23
  • 46.##.175.43:23
  • 15#.##.111.40:23
  • 14#.##2.84.190:23
  • 23#.##0.24.170:23
  • 36.#.214.9:23
  • 13#.##2.206.175:23
  • 10#.##.120.74:23
  • 84.###.175.129:23
  • 98.###.231.108:23
  • 29.###.183.46:23
  • 13#.##9.74.209:23
  • 6.##.213.38:23
  • 20#.##.103.67:23
  • 2.###.47.70:23
  • 83.##.15.170:23
  • 68.##.85.196:23
  • 10#.##.109.155:23
  • 38.###.225.208:23
  • 15#.##2.38.55:23
  • 96.##.3.225:23
  • 90.###.48.251:23
  • 8.###.123.212:23
  • 11#.##1.246.119:23
  • 31.##4.25.16:23
  • 22#.##4.66.176:23
  • 12#.##.103.70:23
  • 15#.##0.255.177:23
  • 37.##.92.18:23
  • 18#.##4.254.118:23
  • 14#.##.45.124:23
  • 19#.##7.81.19:23
  • 10#.##.196.73:23
  • 23#.##7.192.100:23
  • 98.##.25.139:23
  • 27.###.206.159:23
  • 2.###.223.7:23
  • 82.##.78.16:23
  • 22#.##7.156.162:23
  • 23#.#7.9.162:23
  • 22#.##5.139.190:23
  • 21#.##.22.166:23
  • 15#.##5.254.73:23
  • 16.##.188.82:23
  • 33.#.85.7:23
  • 12#.##0.166.72:23
  • 16#.##.130.97:23
  • 22#.##1.251.188:23
  • 59.###.67.105:23
  • 22#.#4.27.36:23
  • 23#.##.198.48:23
  • 16#.#6.97.82:23
  • 15#.##3.181.242:23
Receives data from the following servers:
  • 5.###.227.140:7685

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number