Linux.BackDoor.Fgt.1386
Added to the Dr.Web virus database:
2018-08-07
Virus description added:
2018-08-07
Technical Information
Malicious functions:
Removes itself
Substitutes application name for:
Launches processes:
- sh -c rm -rf /tmp/* /var/* /var/run/* /var/tmp/*
- rm -rf /tmp/* /var/backups /var/cache /var/lib /var/local /var/lock /var/log /var/mail /var/opt /var/run /var/spool /var/tmp /var/run/acpid.pid /var/run/acpid.socket /var/run/atd.pid /var/run/crond.pid /var/run/crond.reboot /var/run/dbus /var/run/dhclient.eth0.pid /var/run/exim4 /var/run/initctl /var/run/initramfs /var/run/lock /var/run/log /var/run/mount /var/run/network /var/run/rpc.statd.pid /var/run/rpc_pipefs /var/run/rpcbind /var/run/rpcbind.lock /var/run/rpcbind.pid /var/run/rpcbind.sock /var/run/rsyslogd.pid /var/run/sendsigs.omit.d /var/run/shm /var/run/sm-notify.pid /var/run/sshd /var/run/sshd.pid /var/run/systemd /var/run/tmpfiles.d /var/run/udev /var/run/user /var/run/utmp /var/tmp/*
Network activity:
Establishes connection:
- 8.#.8.8:53
- 15#.##.136.66:50
Sends data to the following servers:
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
欢迎下载
Dr.Web for Android
-
免费3个月
-
可使用所有保护组件
-
可在AppGallery/Google Pay延期
继续使用此网站意味着您同意我们使用Cookie文件和其他用于收集网站访问统计信息的技术手段。详细信息