用户服务中心

My library

+ Add to library

Search

24/7 Tech support | Rules regarding submitting

Send a message

Call us

+7 (495) 789-45-86

Forum

Your tickets

Total: -
Active: -
Latest: -

Call us

+7 (495) 789-45-86

CN

RU CN DE EN ES FR IT JP KZ UZ PL BY

Dr.Web vxCube

打开分析仪

计算机病毒事件调查

病毒知识库

技术

术语

教育培训

误区

有关反病毒软件的误区

Linux.Siggen.2336

Added to the Dr.Web virus database: 2019-11-24

Virus description added: 2019-11-23

Technical Information

Malicious functions:

Launches itself as a daemon

Substitutes application name for:

ouQAC7b77cmscfcc5c5RVQbb

Network activity:

Awaits incoming connections on ports:

0.0.0.0:23

Establishes connection:

8.#.8.8:53
23.###.201.100:4096

Attacks using a special dictionary (brute-force technique) via the Telnet protocol.

Sends data to the following servers:

23.###.201.100:4096
11#.#7.99.13:23
17#.#4.33.9:23
82.###.90.109:23
63.###.242.28:23
66.##7.30.97:23
19#.##7.190.78:23
12#.##.137.41:23
17#.##1.56.63:23
16#.##.191.170:23
87.##.235.125:23
68.###.248.168:23
23.##.215.165:23
12#.##1.136.160:23
20.###.252.18:23
92.###.145.181:23

Receives data from the following servers:

23.###.201.100:4096

Curing recommendations

Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number