Linux.DDoS.383
Added to the Dr.Web virus database: 2020-02-23
Virus description added: 2020-02-23
Technical Information
Malicious functions:
Launches itself as a daemon
Substitutes application name for:
Kills system processes:
Kills the following processes:
Network activity:
Awaits incoming connections on ports:
Establishes connection:
- 8.#.8.8:53
- 45.##.196.75:4862
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers: