マイライブラリ
マイライブラリ

+ マイライブラリに追加

電話

お問い合わせ履歴

電話(英語)

+7 (495) 789-45-86

Profile

Linux.Packed.942

Added to the Dr.Web virus database: 2020-10-03

Virus description added:

Technical Information

Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
  • 2kmscgmqetockvisa5bv
Network activity:
Awaits incoming connections on ports:
  • 19#.##8.218.50:3467
Establishes connection:
  • 8.#.8.8:53
  • 5.###.227.140:4321
  • 5.###.227.140:7685
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 5.###.227.140:4321
  • 5.###.227.140:7685
  • 0.0.0.0:0
  • 21.###.88.199:23
  • 16.##.71.134:23
  • 12#.##6.93.13:23
  • 65.##.152.101:23
  • 11#.##.110.22:23
  • 22#.##.64.177:23
  • 19#.##.160.156:23
  • 24.##.245.27:23
  • 14#.##.37.249:23
  • 23#.#9.83.23:23
  • 13#.##2.192.30:23
  • 19.###.215.228:23
  • 20#.##.101.181:23
  • 11#.##4.22.107:23
  • 16#.##8.90.245:23
  • 15#.##9.72.140:23
  • 23#.##2.162.218:23
  • 43.###.182.95:23
  • 21#.##7.140.157:23
  • 21#.#8.31.27:23
  • 19#.##9.173.89:23
  • 22#.##.202.85:23
  • 24#.#5.4.3:23
  • 16#.##8.226.62:23
  • 13#.#1.6.75:23
  • 31.###.250.55:23
  • 19#.##.255.204:23
  • 20#.##0.189.219:23
  • 73.###.90.190:23
  • 20#.##5.165.131:23
  • 21#.##6.88.71:23
  • 18#.##5.120.95:23
  • 16#.##.12.135:23
  • 17#.##1.20.119:23
  • 18#.##.193.113:23
  • 21#.##2.143.71:23
  • 25#.##0.234.242:23
  • 98.###.141.203:23
  • 12#.##5.249.117:23
  • 14#.##5.197.184:23
  • 11#.##4.142.78:23
  • 21#.##1.40.122:23
  • 24#.##6.67.92:23
  • 18#.#.191.104:23
Receives data from the following servers:
  • 5.###.227.140:7685
  • 5.###.227.140:4321

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number