Linux.Mirai.2232
Added to the Dr.Web virus database:
2019-02-16
Virus description added:
2019-02-15
Technical Information
Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
- enivjq2aota9oaigwb07goqgmdru
Network activity:
Awaits incoming connections on ports:
- 127.0.0.1:34842
- 0.0.0.0:23
Establishes connection:
- 8.#.8.8:53
- 16#.##2.93.40:80
Sends data to the following servers:
- 93.##.22.100:80
- 14#.##.113.149:5555
- 14#.##8.242.100:80
- 71.###.217.175:80
- 10#.##4.118.100:80
- 17#.###.242.100:5555
- 18#.###.215.175:5555
- 10#.##7.156.36:80
- 89.##3.137.3:80
- 16#.##4.74.92:80
- 16#.#7.96.63:80
- 89.###.255.222:80
- 36.###.59.246:80
- 16#.##2.93.40:80
- 84.###.184.101:5555
- 20#.##.245.73:5555
- 13.##.155.137:5555
- 20#.##8.59.221:80
- 16#.##.210.238:80
- 17#.##4.148.36:80
- 23.##.84.115:80
- 11#.##.168.202:80
- 35.##.93.145:80
- 53.###.89.251:80
- 12#.###.204.146:5555
- 80.###.76.113:5555
- 11#.##2.27.24:80
- 39.##4.71.78:80
- 10#.#5.106.5:80
- 48.##2.1.230:80
- 20.###.164.43:80
- 19#.##.136.200:5555
- 12#.###.251.202:5555
- 15#.##.162.110:5555
- 10#.##4.157.39:5555
- 64.###.254.146:5555
- 20#.###.132.200:5555
- 61.#.131.75:80
- 11#.##.103.48:80
- 89.##.174.52:80
- 45.###.86.102:80
- 11#.##.219.10:80
- 54.###.141.95:80
- 19#.#8.8.223:80
- 15#.##.29.191:80
- 13#.##3.77.173:80
- 13.##7.64.49:80
- 15#.###.175.135:5555
- 71.###.63.166:5555
- 38.##7.79.43:80
- 77.###.93.216:80
- 19.###.229.137:80
- 19#.##2.159.235:80
- 18#.###.179.176:5555
- 11#.##.59.148:5555
- 10#.###.242.222:5555
- 65.##.2.42:5555
- 21#.#6.39.34:80
- 11#.##.80.222:80
- 12#.##1.222.127:80
- 15#.##.114.30:80
- 11#.##9.35.100:80
- 14#.#44.75.3:80
- 9.###.18.228:80
- 2.###.152.104:5555
- 17#.##6.110.74:5555
- 8.##.#11.101:5555
- 14#.##0.35.95:5555
- 12#.##.149.80:5555
- 83.##8.50.59:80
- 17#.##.142.254:80
- 52.###.184.242:80
- 17#.##3.125.15:5555
- 38.###.65.232:5555
- 73.###.125.150:80
- 17#.##4.57.123:80
- 65.###.21.213:80
- 17#.##6.69.77:80
- 17#.##9.22.138:80
- 11#.##9.227.106:80
- 59.##.156.116:80
- 21#.##7.41.109:5555
- 18#.##2.20.135:5555
- 12#.##.66.70:5555
- 21#.##.109.147:80
- 40.##.12.137:80
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
このウェブサイトを継続して訪問する場合、訪問者に関する統計データを収集するためのCookieファイルおよび他のテクノロジーを弊社が利用することに同意したものとします。詳細