Linux.Siggen.3334
Added to the Dr.Web virus database:
2020-10-23
Virus description added:
2020-10-23
Technical Information
Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
- /lib/systemd/systemd-logind
Kills the following processes:
Performs operations with the file system:
Creates or modifies files:
Network activity:
Awaits incoming connections on ports:
Establishes connection:
- 8.#.8.8:53
- 17#.##5.7.141:4321
- 17#.##5.7.141:7685
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers: