Linux.Siggen.7025
Added to the Dr.Web virus database:
2024-04-16
Virus description added:
2024-04-15
Technical Information
Malicious functions:
Removes itself
Launches itself as a daemon
Substitutes application name for:
Performs process tracing:
Kills system processes:
Kills the following processes:
- systemd-timesyn
- run.sh
- dash
- bash
- ss3hri7241a6
- apt-helper
- systemd
Network activity:
Awaits incoming connections on ports:
Establishes connection:
- 8.#.8.8:53
- 91.###.137.37:53
- 87.###.7.66:35342
DNS ASK:
- kz.###lfhitler.su
- se######.rebirth-network.su
Sends data to the following servers:
Receives data from the following servers:
Curing recommendations
Linux