Linux.Siggen.6218
Added to the Dr.Web virus database: 2023-12-14
Virus description added: 2023-12-14
Technical Information
Malicious functions:
Launches itself as a daemon
Kills system processes:
Network activity:
Awaits incoming connections on ports:
- 0.0.0.0:23
- 0.0.0.0:22
- 0.0.0.0:80
- 0.0.0.0:81
- 0.0.0.0:8443
- 0.0.0.0:9009
Establishes connection:
- 8.#.8.8:53
- 10#.##.163.23:1791
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers: