
Linux.Siggen.7057

Added to the Dr.Web virus database: 2024-04-18

Virus description added:

Technical Information

Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
  • 6ac58cfwtt1losqib53b
Performs process tracing:
  • swapper/0
Kills system processes:
  • sshd
Kills the following processes:
  • systemd-timesyn
  • run.sh
  • dash
  • bash
  • apt-config
  • 6ac58cfwtt1losq
  • systemd
Network activity:
Awaits incoming connections on ports:
  • 127.0.0.1:8345
Establishes connection:
Sends data to the following servers:

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.
