Technical Information
Malicious functions:
Modifies firewall settings:
- iptables -I INPUT -p udp -m udp --dport 56968 -j ACCEPT
Performs operations with the file system:
Deletes files:
- <SAMPLE_FULL_PATH>"
Network activity:
Awaits incoming connections on ports:
- 0.0.0.0:56968
Establishes connection:
- 8.#.8.8:53
- [:##]:56968
- 127.0.0.1:56968
- 91.###.87.35:8080
- 21#.###.179.110:8080
HTTP GET requests:
- http://##.##9.66.101/
Sends data to the following servers:
- 22.###.221.1:24621
- 13#.##7.168.246:80
- 95.###.17.186:80
- 23.###.47.184:80
- 17.###.140.242:80
- 10#.#5.35.45:80
- 11#.#2.43.5:80
- 42.##4.5.201:80
- 34.###.120.237:80
- 13#.##4.234.213:80
- 13#.#7.75.90:80
- 12#.##.150.27:80
- 5.###.94.60:80
- 67.###.90.120:80
- 92.###.138.191:80
- 19#.##8.62.147:80
- 12#.##1.188.0:80
- 11#.##3.114.187:80
- 14#.##.90.152:80
- 10#.##.25.153:80
- 34.###.114.108:80
- 61.###.210.206:80
- 81.###.240.253:80
- 15#.##6.144.116:80
- 39.##.170.127:80
- 84.###.207.38:80
- 17#.##6.164.16:80
- 11#.##.233.75:80
- 11#.##0.196.69:80
- 15#.##4.222.48:80
- 12#.##.255.118:80
- 59.##.254.52:80
- 20#.##0.0.250:80
- 14#.##4.150.99:80
- 48.##.181.58:80
- 10#.##9.141.234:80
- 65.##8.7.235:80
- 16#.##2.154.155:80
- 10#.##8.215.110:80
- 99.###.113.105:80
- 54.##1.55.42:80
- 70.###.38.171:80
- 16#.##2.137.249:80
- 14#.##.140.22:80
- 48.##5.8.41:80
- 25.###.155.69:80
- 19#.##4.227.210:80
- 92.##.209.32:80
- 11#.##.128.231:80
- 18#.##7.194.8:80
- 18.##.163.32:80
- 21#.#60.63.8:80
- 12.###.110.84:80
- 61.###.149.240:80
- 17#.#5.39.39:80
- 14#.##7.250.152:80
- 8.###.220.79:80
- 12#.##8.15.238:80
- 13#.##2.233.119:80
- 82.###.122.69:80
- 19#.##.48.128:80
- 98.###.54.238:80
- 4.##.105.118:80
- 93.##.115.58:80
- 17.###.177.15:80
- 92.##.180.234:80
- 11#.##5.12.63:80
- 43.##.104.12:80
- 84.##.57.27:80
- 13#.##1.153.52:80
- 2.###.209.80:80
- 10#.#.172.224:80
- 34.###.235.106:80
- 96.###.74.153:80
- 57.##.76.104:80
- 90.#.252.86:80
- 14#.##7.112.12:80
- 14#.#8.8.35:80
- 81.##.160.129:80
- 93.###.112.58:80
- 15#.##2.77.74:80
- 93.##.85.55:80
- 99.##.191.225:80
- 18#.##.69.171:80
- 17#.#66.64.0:80
- 52.###.175.184:80
- 53.##.155.245:80
- 39.###.13.117:80
- 18#.##8.153.21:80
- 10#.##3.129.50:80
- 21#.##4.58.133:80
- 5.##.39.170:80
- 20#.##.108.222:80
- 13#.##9.188.119:80
- 10#.#6.30.85:80
- 60.###.66.192:80
- 19#.##8.203.231:80
- 15#.##.109.250:80
- 14.###.86.146:80
- 53.###.148.242:80
- 10#.#.48.97:80
- 21#.##4.200.137:80
- 17#.##7.147.23:80
- 10#.##.98.141:80
- 22#.##7.138.35:80
- 17#.##9.53.139:80
- 66.###.57.160:80
- 19#.##1.155.14:80
- 11#.##4.65.144:80
- 12#.##7.99.126:80
- 20#.##.76.165:80
- 11#.#.178.209:80
- 12#.##9.186.40:80
- 10#.##2.161.0:80
- 11#.##4.251.238:80
- 13.###.132.174:80
- 18#.##.243.190:80
- 18#.##6.144.136:80
- 87.##.244.147:80
- 20#.##.183.251:80
- 14#.##8.202.222:80
- 18#.##0.165.251:80
- 16#.##7.45.65:80
- 19#.##3.248.28:80
- 82.##5.85.13:80
- 19#.##.122.222:80
- 17#.##.74.138:80
- 10#.#39.8.29:80
- 65.##.199.242:80
- 21#.#39.6.40:80
- 19#.##.58.209:80
- 58.#.245.99:80
- 88.###.110.70:80
- 21#.##2.178.162:80
- 13#.#6.7.38:80
- 39.##7.63.16:80
- 13#.##.210.151:80
- 13#.##2.33.166:80
- 13#.##4.21.217:80
- 18#.##6.243.237:80
- 43.###.212.211:80
- 57.##.220.166:80
- 13#.##.175.87:80
- 94.###.146.203:80
- 16#.#5.32.60:80
- 20#.#4.97.47:80
- 19#.##.145.162:80
- 10#.##.125.25:80
- 11#.##.146.80:80
- 85.###.224.102:80
- 19#.##4.102.132:80
- 16#.##.213.31:80
- 62.##.17.195:80
- 16#.##4.196.187:80
- 17#.##.147.12:80
- 57.##.56.201:80
- 75.###.166.143:80
- 57.##.49.95:80
- 11#.##3.138.142:80
- 72.##.234.7:80
- 17#.#4.99.0:80
- 14#.##9.107.250:80
- 79.###.190.74:80
- 99.###.136.30:80
- 17.###.140.148:80
- 89.###.130.237:80
- 19#.##8.211.0:80
- <LOCAL_GATE>:80
- 56.##.126.102:45854
- 64.###.135.38:8080
- 11#.##8.58.114:8080
- 20#.#.76.227:8080
- 46.##.71.151:8080
- 11#.###.250.160:8080
- 22#.##7.71.121:8080
- 10#.##.96.84:8080
- 13#.##.137.48:8080
- 15#.##6.216.84:8080
- 16#.##6.94.53:8080
- 17.###.36.34:8080
- 21#.###.140.198:8080
- 78.###.119.255:8080
- 13#.###.117.122:8080
- 14#.##.203.253:8080
- 13#.##2.21.134:8080
- 91.###.87.35:8080
- 20#.##0.29.20:8080
- 15#.###.139.219:8080
- 62.###.72.13:8080
- 21#.###.179.110:8080
- 10.##.64.43:8080
- 22#.##.143.248:8080
- 76.###.83.75:8080
- 16#.###.142.127:8080
- 24.###.14.55:8080
- 21#.##1.84.205:8080
- 21#.##7.51.134:8080
- 17.###.78.109:8080
- 16#.###.134.144:8080
- 15#.###.119.241:8080
- 59.##.255.164:8080
- 16#.##.202.122:8080
- 99.###.27.184:8080
- 78.###.179.196:8080
- 18#.##8.204.14:8080
- 92.##.28.42:8080
- 69.##.74.204:8080
- 16#.##.183.162:8080
- 11#.##3.7.99:8080
- 23.##.156.31:8080
- 87.##.133.111:8080
- 90.###.19.118:8080
- 13#.##.174.2:8080
- 18#.##.61.104:8080
- 75.##.164.24:8080
- 52.###.30.68:8080
- 38.###.193.194:8080
- 12#.##5.62.151:8080
- 45.##.143.101:8080
- 17.###.226.33:8080
- 14#.##2.112.97:8080
- 14#.###.165.194:8080
- 61.###.173.132:8080
- 12#.##0.210.81:8080
- 87.###.197.86:8080
- 16#.##8.209.34:8080
- 21#.##4.136.69:8080
- 90.###.155.68:8080
- 20#.##.179.88:8080
- 40.###.42.87:8080
- 14#.##8.113.97:8080
- 80.###.148.135:8080
- 14#.###.138.192:8080
- 11#.#.59.66:8080
- 84.###.41.172:8080
- 19#.###.138.129:8080
- 10#.##0.71.137:8080
- 12#.###.149.242:8080
- 12#.##.232.177:8080
- 57.###.238.107:8080
- 15#.##.75.208:8080
- 61.###.144.167:8080
- 9.###.2.176:8080
- 11#.##.67.197:8080
- 9.###.228.101:8080
- 17#.##.40.166:8080
- 10.##.155.248:8080
- 15#.##.89.10:8080
- 14#.##.152.247:8080
- 54.#.53.5:8080
- 18#.##1.240.55:8080
- 19#.##7.105.31:8080
- 10#.##.211.65:8080
- 20#.##.120.221:8080
- 80.###.131.49:8080
- 18#.##8.232.2:8080
- 46.###.140.71:8080
- 79.##.231.54:8080
- 17#.##7.73.177:8080
- 17#.##9.31.56:8080
- 21#.##3.188.20:8080
- 11#.###.202.148:8080
- 14#.###.205.168:8080
- 18#.#.206.112:8080
- 13#.##.106.167:8080
- 98.##.88.249:8080
- 19#.##.132.230:8080
- 14#.##.245.255:8080
- 13#.##9.184.15:8080
- 15#.##4.98.43:8080
- 51.##.23.69:8080
- 20#.###.202.180:8080
- 17#.##2.21.235:8080
- 21#.##9.157.78:8080
- 36.###.69.192:8080
- 16#.##7.118.83:8080
- 19.##.197.182:8080
- 16#.##5.7.37:8080
- 60.###.103.16:8080
- 63.###.252.6:8080
- 88.###.141.207:8080
- 10#.##.4.210:8080
- 18#.##.173.217:8080
- 12#.##.46.3:8080
- 12#.##.165.204:8080
- 22#.##.174.131:8080
- 20.###.35.43:8080
- 20.###.45.217:8080
- 18#.##.114.188:8080
- 11#.##.175.145:8080
- 18#.##7.161.26:8080
- 15#.###.194.212:8080
- 14#.###.137.238:8080
- 12#.##.239.78:8080
- 11#.##8.42.186:8080
- 85.###.141.12:8080
- 77.###.6.164:8080
- 18#.##.132.71:8080
- 10#.##7.5.129:8080
- 11#.##0.55.100:8080
- 98.##.110.68:8080
- 18.###.16.186:8080
- 42.###.83.137:8080
- 94.#.#67.22:8080
- 16#.##.108.55:8080
- 83.###.10.243:8080
- 13#.###.238.110:8080
- 91.##.209.233:8080
- 18#.##.54.133:8080
- 16#.###.158.204:8080
- 63.###.118.216:8080
- 19#.##2.207.35:8080
- 15#.##1.182.43:8080
- 14#.##.207.245:8080
- 14#.##.80.77:8080
- 73.##.1.171:8080
- 18#.##9.66.131:8080
- 74.###.205.245:8080
- 13#.##6.176.63:8080
- 34.###.187.218:8080
- 25.##.96.132:8080
- 11#.##6.180.59:8080
- 19#.##0.50.238:8080
- 59.###.116.66:8080
- 15#.##.95.35:8080
- 10#.##3.65.130:8080
- 16#.##5.75.160:8080
- 14#.##2.166.80:8080
- 21#.##9.195.84:8080
- 18#.##0.36.246:8080
- 90.###.248.129:8080
- 60.##.161.116:8080
- 14.##.123.135:8080
- 13#.##.90.151:8080
- 22#.##2.71.130:8080
- 19#.##8.211.2:8080
- 19#.##8.211.3:8080
