Mi biblioteca
Mi biblioteca

+ Añadir a la biblioteca

Soporte
Soporte 24 horas | Normas de contactar

Sus solicitudes

Perfil

Linux.Siggen.3158

Added to the Dr.Web virus database: 2020-06-24

Virus description added:

Technical Information

Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
  • vi5qih3mt25sjij4kpyw
  • 3q1lbdhmu2uop2fqw2suhjxu
  • dgpsh4nn4fpwckesmvqrp
  • 31wzydevqlpjhysrssfhw
  • xp4uorh2lxolyptux1oqbkb
  • lwwarhumak2sxshbjrlav5
  • 2zi1tydpitw1b2q2olhf
  • w3jhnnmbco34vctctbcj2xxu
  • j3wzh0rzdfaykz0liw2tgq
  • jncdc4hmuf3d2vurv3isb
  • frlwxtq5ylh00w5gx21f
  • w1mw2m20gmzprqakfufj4uea
  • ztahjbyrvhkbyg31cnmweont
  • xv5cikdvbnol0mzksy0fidz4
  • crcswcjxqhmu0xvvvu4flhdl
  • p5r2zfol04o1mkinlbsxk
  • byx2q5awqqijlsu4osk0kk
  • 3dnh40nci4xwhondd5uac
  • 5uxmzblnf1wmkbtwbejlkhye
  • sos3gftjllz4odg5j1fg
  • tmmy4vagjvdg2bx2iu4u
  • ie3e0wca2k2ct4owblvj1c3s
  • swjlukievsmwroqxecsf
  • vh000mz3xdfwnu4xbcsuhhh
  • hfn1mk5wucgobdhjspzox
  • lkms2y525qyln3w4rhh0uf
  • eivyg4s1q3byntpma5jct
  • edixx15a4ip4dtl3vtsc
  • i5gr3zxeijfmbrpl2h01me5k
  • kkr51r3iduzyqtigidlkzjt
  • 0z0b2rsavf0t2twumzss
  • byunsqutlzeud4bmjxuq2ak
  • dgozfui3qbxcee5sznpia
  • bwe5zjropqtk3fcvxitlkb
  • czjooyogdwjqoi2diduxdkt
  • c03ixqnou3elerurichemk4w
  • 3ken3gu1r04svugdjaraexdo
  • mmewy0imme5aoygertv3yxth
  • g22ye03gxio5isahyy3efu
  • du5iz1bhwrvzlge0afjlj
  • 2qaxhykyty23haxdq5zh
  • hxokkxsjrr132jrxajir
  • rygghi12ximdlw3fscerbtg
  • r5ro152vi51bilb5nf1ux
  • d1zvndcmj3ibrscjmtt4
  • b4c0vauvn3uwyezqikibt
  • 01h0mglwxhngmmre1otqmcje
  • ra3jde4j1wikzyn5igqc4u
  • lib5fgm4g5kxlgtvxtosa
  • f2ouqz1rcs5eh3eyfiriz0
  • m1hpxh3w5dns2aub0ysl
  • ea4dxjnvb5gcmrtiugxog
  • tnfvlrutnkvtp2ak1uri3
  • zmvozvdl0ondxl2ehm25
  • 13c4hbftr45zsrbgsw0dsyu
  • qftgpwg5dk4223uacvy4xe0
  • a0wrqw1onyffmjxnqly0vx
  • ka0a2l5ljtlq23peh2ye0
  • f5zetd12zchlee42vogi3d40
  • 14mzfbdhcpvnxtxmbjxt
  • wt2ptmjtcmsd3hu2qn2v51w
  • 1g51mxzuikvcgmvp35sy
  • iti00y3f4doessjxjhts
  • ba3qvqoizrykqhyail02i035
  • kqi02xriq2ltidt2lmeu
  • k4oza3xoiyag02ljdyze
  • if1t42frbcwjr50i2utkh
  • gw3n1pgzirhtzv5ne2m3c
  • ormqzov4e1kwhyenbgzvqqu
Performs operations with the file system:
Creates or modifies files:
  • <SAMPLE_FULL_PATH>
Network activity:
Awaits incoming connections on ports:
  • 19#.##8.200.50:3467
Establishes connection:
  • 8.#.8.8:53
  • 15#.##.155.229:4321
  • 15#.##.155.229:7685
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 15#.##.155.229:7685
  • 15#.##.155.229:4321
Receives data from the following servers:
  • 15#.##.155.229:7685
  • 15#.##.155.229:4321

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number