Linux.Packed.1005

Added to the Dr.Web virus database: 2020-11-13

Virus description added:

Technical Information

Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
  • /lib/systemd/systemd-logind
Kills the following processes:
  • <SAMPLE>
Performs operations with the file system:
Creates or modifies files:
  • <SAMPLE_FULL_PATH>
Network activity:
Awaits incoming connections on ports:
  • 19#.##8.213.50:3467
Establishes connection:
  • 8.#.8.8:53
  • 18#.###.111.199:4321
  • 18#.###.111.199:7685
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers:
  • 18#.###.111.199:7685
  • 18#.###.111.199:4321

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.
