マイライブラリ
マイライブラリ

+ マイライブラリに追加

電話

お問い合わせ履歴

電話(英語)

+7 (495) 789-45-86

Profile

Linux.Siggen.7094

Added to the Dr.Web virus database: 2024-04-18

Virus description added:

Technical Information

Malicious functions:
Launches itself as a daemon
Kills system processes:
  • sshd
Kills the following processes:
  • <SAMPLE>
Network activity:
Awaits incoming connections on ports:
  • 0.0.0.0:23
  • 0.0.0.0:22
  • 0.0.0.0:80
  • 0.0.0.0:81
  • 0.0.0.0:8443
Establishes connection:
  • 8.#.8.8:53
  • 93.###.85.81:9506
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 93.###.85.81:9506
  • 14.###.101.51:23
  • 19#.##.181.251:23
  • 14#.#4.33.2:23
  • 17#.#.145.252:23
  • 12#.##5.19.12:23
  • 59.###.58.245:23
  • 90.###.149.78:23
  • 13#.##5.65.228:23
  • 18#.##3.147.87:23
  • 23#.##5.199.173:23
  • 24#.#0.6.219:23

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number