Linux.Siggen.5641
Added to the Dr.Web virus database: 2023-10-05
Virus description added: 2023-10-05
Technical Information
Malicious functions:
Substitutes application name for:
Launches processes:
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Util/_strxor.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd <0xd0>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x101>
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpnlgqylyz -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_aes.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpzqtmk5za -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ctr.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_SHA256.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_MD5.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x8a>
- /sbin/ldconfig -p
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x79>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ocb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpstfvdw_n -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_SHA1.cpython-38-x86_64-linux-gnu.so
- REG QUERY HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\DriverDesc 2> nul
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpx3em1671 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_SHA256.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x7b>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x59>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_aes.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0xbd>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x9d>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x13>
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmphqvc4t0j -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_BLAKE2s.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x46>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ctr.cpython-38-x86_64-linux-gnu.so
- uname -p
- /usr/bin/x86_64-linux-gnu-ld.bfd <0xe1>
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmp_b9ukb8l -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ofb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Protocol/_scrypt.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd <0xf2>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0xac>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x48>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x26>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x114>
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpsscekif3 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Util/_strxor.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0xdf>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Util/_cpuid_c.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0xce>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_cbc.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpj8p3vzde -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_MD5.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmp25hc7bl7 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_cfb.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x112>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0xf0>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_cfb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpppcwkwdq -l/tmp/_MEIW4Zc2B/Crypto/Util/../Protocol/_scrypt.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpelfm4afj -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_Salsa20.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ecb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmprvseev8v -l/tmp/_MEIW4Zc2B/Crypto/Util/../Util/_cpuid_c.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x15>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x37>
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpvrb_8z0s -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_ghash_portable.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x35>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x68>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x8c>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_Salsa20.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpggdrdzc4 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ocb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ofb.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x57>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0xae>
- REG QUERY HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\ProviderName 2> nul
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_BLAKE2s.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_ghash_portable.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmpaj_b2bs5 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_cbc.cpython-38-x86_64-linux-gnu.so
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x24>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x6a>
- /usr/bin/x86_64-linux-gnu-ld.bfd <0x103>
- /usr/lib/gcc/x86_64-linux-gnu/10/collect2 <0x9b>
- /usr/bin/x86_64-linux-gnu-ld.bfd ld -t -L /tmp/_MEIW4Zc2B -o /dev/null -l/tmp/_MEIW4Zc2B/Crypto/Util/../Hash/_SHA1.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-gcc-10 /usr/bin/gcc -Wl,-t -o /tmp/tmp7803ab_1 -l/tmp/_MEIW4Zc2B/Crypto/Util/../Cipher/_raw_ecb.cpython-38-x86_64-linux-gnu.so
- /usr/bin/x86_64-linux-gnu-ld.bfd <0xbf>
Performs operations with the file system:
Modifies file access rights:
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_ARC4.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_Salsa20.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_chacha20.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_aes.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_aesni.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_arc2.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_blowfish.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_cast.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_cbc.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_cfb.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_ctr.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_des.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_des3.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_ecb.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_eksblowfish.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_ocb.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Cipher/_raw_ofb.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_BLAKE2b.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_BLAKE2s.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_MD2.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_MD4.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_MD5.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_RIPEMD160.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_SHA1.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_SHA224.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_SHA256.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_SHA384.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_SHA512.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_ghash_clmul.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_ghash_portable.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_keccak.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Hash/_poly1305.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Math/_modexp.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Protocol/_scrypt.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/PublicKey/_ec_ws.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Util/_cpuid_c.abi3.so
- /tmp/_MEIW4Zc2B/Crypto/Util/_strxor.abi3.so
- /tmp/_MEIW4Zc2B/_cffi_backend.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_asyncio.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_bz2.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_cn.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_hk.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_iso2022.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_jp.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_kr.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_codecs_tw.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_contextvars.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_ctypes.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_decimal.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_hashlib.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_json.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_lzma.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_multibytecodec.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_multiprocessing.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_opcode.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_posixshmem.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_queue.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_ssl.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/_uuid.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/mmap.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/readline.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/resource.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/lib-dynload/termios.cpython-38-x86_64-linux-gnu.so
- /tmp/_MEIW4Zc2B/libbz2.so.1.0
- /tmp/_MEIW4Zc2B/libcrypto.so.1.1
- /tmp/_MEIW4Zc2B/libexpat.so.1
- /tmp/_MEIW4Zc2B/libffi-806b1a9d.so.6.0.4
- /tmp/_MEIW4Zc2B/libffi.so.7
- /tmp/_MEIW4Zc2B/liblzma.so.5
- /tmp/_MEIW4Zc2B/libmpdec.so.2
- /tmp/_MEIW4Zc2B/libpython3.8.so.1.0
- /tmp/_MEIW4Zc2B/libreadline.so.8
- /tmp/_MEIW4Zc2B/libssl.so.1.1
- /tmp/_MEIW4Zc2B/libtinfo.so.6
- /tmp/_MEIW4Zc2B/libuuid.so.1
- /tmp/_MEIW4Zc2B/libz.so.1
- /tmp/_MEIW4Zc2B/base_library.zip
Creates folders:
- /tmp/_MEIW4Zc2B
- /tmp/_MEIW4Zc2B/Crypto
- /tmp/_MEIW4Zc2B/Crypto/Cipher
- /tmp/_MEIW4Zc2B/Crypto/Hash
- /tmp/_MEIW4Zc2B/Crypto/Math
- /tmp/_MEIW4Zc2B/Crypto/Protocol
- /tmp/_MEIW4Zc2B/Crypto/PublicKey
- /tmp/_MEIW4Zc2B/Crypto/Util
- /tmp/_MEIW4Zc2B/lib-dynload
Deletes folders:
- /tmp/_MEIW4Zc2B/Crypto/Protocol
- /tmp/_MEIW4Zc2B/Crypto/Hash
- /tmp/_MEIW4Zc2B/Crypto/Util
- /tmp/_MEIW4Zc2B/Crypto/Math
- /tmp/_MEIW4Zc2B/Crypto/Cipher
- /tmp/_MEIW4Zc2B/Crypto/PublicKey
- /tmp/_MEIW4Zc2B/Crypto
- /tmp/_MEIW4Zc2B/lib-dynload
- /tmp/_MEIW4Zc2B
Creates or modifies files:
Deletes files: