Linux.Siggen.649

Added to the Dr.Web virus database: 2018-06-03

Virus description added:

Technical Information

Malicious functions:
Removes itself
Substitutes application name for:
  • kma4
Network activity:
Establishes connection:
  • 21#.##7.32.62:62
  • 8.#.8.8:53
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers:
  • 21#.##7.32.62:62

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.
