Linux.Siggen.2206
Added to the Dr.Web virus database: 2019-10-08
Virus description added: 2019-10-08
Technical Information
Malicious functions:
Launches itself as a daemon
Substitutes application name for:
Kills system processes:
Kills the following processes:
Network activity:
Awaits incoming connections on ports:
Establishes connection:
- 8.#.8.8:53
- 18#.###.105.160:37008
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers: