Technical Information
Malicious functions:
Removes itself
Modifies firewall settings:
- iptables -I INPUT -p udp -m udp --dport 15249 -j ACCEPT
Network activity:
Awaits incoming connections on ports:
- 127.0.0.1:30498
- 0.0.0.0:15249
Establishes connection:
- 8.#.8.8:53
- [:##]:15249
- 127.0.0.1:15249
HTTP GET requests:
- http://##.##.58.181/
Sends data to the following servers:
- 81.###.53.150:29189
- 51.###.202.155:8080
- 20#.##.151.200:8080
- 19#.##.166.227:8080
- 15#.##.209.108:8080
- 51.##.83.98:8080
- 65.##.236.103:8080
- 63.###.224.47:8080
- 16#.##.154.71:8080
- 36.###.200.117:8080
- 24#.###.156.183:8080
- 53.###.247.109:8080
- 11#.##.39.64:8080
- 17#.##.145.5:8080
- 52.###.39.246:8080
- 76.###.195.179:8080
- 1.###.40.108:8080
- 13#.##9.186.61:8080
- 21#.###.123.132:8080
- 47.###.78.67:8080
- 19#.##.242.208:8080
- 15#.###.111.192:8080
- 25#.###.147.254:8080
- 23#.##9.81.77:8080
- 19#.##.29.173:8080
- 23#.##.156.83:8080
- 16#.##5.70.86:8080
- 18.###.8.236:8080
- 38.###.105.95:8080
- 1.###.101.59:8080
- 22#.##0.6.158:8080
- 62.###.188.166:8080
- 20#.###.100.218:8080
- 13#.##4.7.29:8080
- 14#.##5.13.92:8080
- 14#.##.99.251:8080
- 27.###.153.174:8080
- 13#.###.132.146:8080
- 66.###.24.36:8080
- 11#.###.166.166:8080
- 16#.##3.33.246:8080
- 14.##.20.206:8080
- 75.##.187.82:8080
- 17#.##.153.241:8080
- 19#.##.221.163:8080
- 20#.##.180.206:8080
- 13#.##6.166.76:8080
- 20#.##.143.215:8080
- 49.##.144.194:8080
- 23.###.62.30:8080
- 10.##.252.45:8080
- 13#.##2.118.60:8080
- 18#.###.208.170:8080
- 24#.###.160.168:8080
- 58.##.194.188:8080
- 65.###.150.227:8080
- 16#.##.125.142:8080
- 98.###.6.224:8080
- 24#.##3.179.48:8080
- 21#.##.201.217:8080
- 31.###.63.37:8080
- 91.###.17.184:8080
- 14#.##.112.40:8080
- 15#.##6.213.65:8080
- 25#.##.40.151:8080
- 72.###.22.228:8080
- 12.###.77.126:8080
- 14#.###.240.248:8080
- 81.##.7.39:8080
- 24#.##5.60.20:8080
- 15#.###.237.135:8080
- 25#.##.192.43:8080
- 57.###.243.118:8080
- 22#.##.66.11:8080
- 22#.##5.17.78:8080
- 9.###.33.202:8080
- 10#.##3.92.31:8080
- 14#.##.186.107:8080
- 12#.##.79.15:8080
- 15#.#.75.129:8080
- 20#.###.144.176:8080
- 66.###.218.176:8080
- 21#.###.108.158:8080
- 67.###.68.115:8080
- 32.###.143.130:8080
- 97.###.226.66:8080
- 43.###.185.38:8080
- 17.###.141.227:8080
- 11#.##.52.68:8080
- 87.###.159.99:8080
- 17#.##0.35.163:8080
- 27.###.126.120:8080
- 4.###.105.4:8080
- 14#.##.50.210:8080
- 68.##.197.54:8080
- 21#.##3.65.108:8080
- 24#.##.2.127:8080
- 15#.##4.11.91:8080
- 11#.##5.92.15:8080
- 24.###.180.135:8080
- 20#.##.181.229:8080
- 68.###.23.179:8080
- 23.###.39.132:8080
- 81.###.36.229:8080
- 32.###.98.12:8080
- 27.##.239.223:8080
- 20#.##.67.102:8080
- 87.###.43.198:8080
- 25#.##.246.195:8080
- 75.##.156.253:8080
- 72.###.156.87:8080
- 21#.###.248.107:8080
- 32.###.126.2:8080
- 82.##.174.21:8080
- 20#.##5.7.23:8080
- 17#.###.233.164:8080
- 21#.###.255.224:8080
- 17#.##.40.27:8080
- 17#.##2.180.46:8080
- 20#.##.250.183:8080
- 24#.##.30.9:8080
- 14#.##6.74.47:8080
- 65.##.248.234:8080
- 21#.##1.56.220:8080
- 47.###.236.242:8080
- 46.###.197.190:8080
- 23#.##.231.68:8080
- 52.###.198.21:8080
- 22#.#.132.145:8080
- 18#.###.198.166:8080
- 10#.##.32.116:8080
- 20.###.110.227:8080
- 22#.##.194.153:8080
- 11#.##2.73.197:8080
- 84.##.63.93:8080
- 13#.##4.105.21:8080
- 11#.##8.42.227:8080
- 4.###.142.76:8080
- 77.##.221.110:8080
- 21#.##5.184.0:8080
- 11#.##.255.202:8080
- 37.##.133.202:8080
- 15#.###.106.200:8080
- 10.###.226.131:8080
- 23#.###.252.142:8080
- 17#.##8.94.73:8080
- 14#.##.65.65:8080
- 24.###.91.101:8080
- 10#.##0.23.75:8080
- 76.##.109.215:8080
- 22#.##.42.55:8080
- 14#.##6.204.68:8080
- 22#.##4.93.151:8080
- 4.##.58.35:8080
- 63.##.207.78:8080
- 14#.##7.11.36:8080
- 37.##.177.87:8080
- 23.###.211.56:8080
- 20#.##.6.67:8080
- 25#.##9.69.77:8080
- 19#.##8.218.0:8080
- <LOCAL_GATE>:8080
- 42.###.247.80:33832
- 24#.##.136.67:80
- 10#.#29.0.43:80
- 16#.##1.85.163:80
- 18#.##.53.119:80
- 12#.##4.10.117:80
- 59.#.161.179:80
- 31.##7.84.95:80
- 52.###.102.66:80
- 24#.##4.114.249:80
- 18#.#2.55.25:80
- 17#.##4.96.67:80
- 52.###.206.233:80
- 46.##.96.221:80
- 58.##.6.241:80
- 32.###.217.184:80
- 22#.##2.158.56:80
- 20#.##3.243.6:80
- 11#.##9.139.63:80
- 9.##.147.126:80
- 15#.##.227.171:80
- 22#.##0.241.24:80
- 24#.#.32.105:80
- 15#.##2.42.48:80
- 98.###.222.243:80
- 2.##.115.104:80
- 25#.##.193.119:80
- 19.###.184.248:80
- 59.###.190.249:80
- 14.###.221.10:80
- 19#.##3.167.63:80
- 10#.##0.18.187:80
- 13#.##5.47.190:80
- 81.###.12.214:80
- 14#.##4.151.154:80
- 13.##.141.75:80
- 5.##.248.181:80
- 27.##.193.61:80
- 17#.##.161.234:80
- 19#.##2.110.44:80
- 19#.##8.225.240:80
- 10#.##7.68.180:80
- 80.##.32.162:80
- 22#.##5.118.104:80
- 16#.##.209.188:80
- 68.##1.13.93:80
- 92.##.228.62:80
- 21#.##.74.208:80
- 21#.##1.231.176:80
- 11#.##.136.190:80
- 23#.##1.62.106:80
- 94.##5.64.68:80
- 15#.##7.121.249:80
- 10#.##.187.235:80
- 15#.##.142.151:80
- 2.###.239.143:80
- 22#.#.210.183:80
- 18#.##.157.79:80
- 82.###.233.214:80
- 14#.##.180.85:80
- 18#.##.233.228:80
- 72.#.127.127:80
- 25#.##7.190.43:80
- 18#.##1.213.29:80
- 5.##.93.252:80
- 13#.##8.86.164:80
- 17#.##3.247.190:80
- 24#.##3.227.217:80
- 22#.##1.229.87:80
- 65.##.132.104:80
- 16#.##.48.172:80
- 88.##.80.39:80
- 98.##4.43.76:80
- 20#.##0.200.61:80
- 10#.##3.95.107:80
- 18.#.111.189:80
- 40.###.249.213:80
- 51.##.211.81:80
- 22#.##.253.81:80
- 78.##.172.130:80
- 23#.##6.218.91:80
- 22#.##.222.88:80
- 24#.#.131.114:80
- 15#.#77.6.48:80
- 17#.##8.142.191:80
- 12#.#.64.22:80
- 12#.#89.2.76:80
- 21#.##7.251.53:80
- 15#.##8.125.107:80
- 76.##.44.209:80
- 15#.##4.83.13:80
- 15#.##5.157.0:80
- 37.###.31.120:80
- 16#.##3.6.191:80
- 78.##0.11.36:80
- 15#.##3.253.185:80
- 21#.##8.143.37:80
- 24#.#.11.125:80
- 10#.##0.76.82:80
- 25#.##.58.231:80
- 81.###.249.50:80
- 18#.##9.26.88:80
- 19#.##.181.182:80
- 45.##.154.21:80
- 16#.##.164.187:80
- 18#.#4.10.97:80
- 19#.##6.61.221:80
- 25#.##8.122.184:80
- 24#.##.84.228:80
- 16#.##3.72.54:80
- 19#.##6.49.72:80
- 11#.#.234.54:80
- 25#.##.85.201:80
- 10#.##.117.189:80
- 14#.#9.44.97:80
- 14#.##2.235.250:80
- 11#.##3.231.215:80
- 11#.##9.194.13:80
- 13.##4.246.1:80
- 20#.##5.139.226:80
- 17#.#2.69.46:80
- 22#.##8.14.139:80
- 50.###.141.167:80
- 10#.##9.8.204:80
- 12.###.151.243:80
- 10#.##3.65.38:80
- 17#.##8.16.46:80
- 79.###.246.248:80
- 14#.##6.110.164:80
- 70.#.187.11:80
- 47.#.106.219:80
- 24#.##8.151.195:80
- 19#.##3.248.55:80
- 19#.##.137.199:80
- 12#.##0.197.205:80
- 15#.#94.5.95:80
- 25#.##6.22.140:80
- 17#.##1.237.15:80
- 18#.##.173.13:80
- 16#.##9.142.36:80
- 16#.##1.37.93:80
- 49.###.220.44:80
- 23#.##.43.173:80
- 18#.##.34.162:80
- 22#.##5.20.166:80
- 19#.##.224.79:80
- 15#.##.232.50:80
- 13#.##9.9.174:80
- 38.###.57.101:80
- 90.###.195.32:80
- 95.##.36.172:80
- 15#.#.23.157:80
- 11#.#1.182.8:80
- 19#.##1.67.30:80
- 22#.##.172.213:80
- 10#.#51.41.4:80
- 11#.##7.235.173:80
- 15#.##.254.245:80
- 10#.#8.57.83:80
- 25#.##9.253.63:80
- 21#.##.229.221:80
- 19#.##8.218.2:80
- 19#.##8.218.3:80