Linux.Siggen.7204

Linux.Siggen.7204

Добавлен в вирусную базу Dr.Web: 2024-04-19

Описание добавлено: 2024-04-19

Technical Information

Malicious functions:

Launches itself as a daemon

Substitutes application name for:

e28081

Network activity:

Awaits incoming connections on ports:

127.0.0.1:33337

Establishes connection:

8.#.8.8:53
45.###.232.208:33335

Attacks using a special dictionary (brute-force technique) via the Telnet protocol.

DNS ASK:

ro##me.xyz

Sends data to the following servers:

45.###.232.208:33335
14#.##.192.164:23
53.##5.59.89:23
95.#.122.45:23
91.###.215.151:23
21#.#.168.2:23
85.##0.55.28:23
75.##5.14.31:23
51.###.42.109:23
15#.##.43.141:23
94.##.202.12:23
13#.##.238.35:23
11#.##6.4.148:23
7.###.77.225:23
96.###.159.24:23
13#.##.117.220:23
15#.##0.45.31:23
16#.##.100.168:23
10#.##6.44.16:23
19#.##.103.171:23
12#.##.169.155:23
19#.##1.64.52:23
24#.##8.176.172:23
10#.##1.227.227:23
95.###.177.74:23
14#.##2.239.49:23
22#.##.17.205:23
17#.##3.57.18:23
19#.##2.140.168:23
21#.##.131.12:23
22#.##6.125.226:23
91.###.187.151:23
78.###.213.184:23
14#.##5.140.211:23
24#.#49.96.5:23
41.##5.82.2:23
22#.##1.26.186:23
21#.##.224.79:23
10#.##.141.252:23
17.##2.37.8:23
10#.#.252.72:23
11#.##5.35.14:23
15.###.129.204:23
20#.#44.0.25:23
37.#.248.93:23
81.##4.20.25:23
16#.##.164.175:23
20#.##2.196.161:23
25#.##5.227.1:23
92.##1.2.67:23
23#.##.108.138:23
13#.##.24.252:23
25#.##.240.171:23
21#.##5.215.19:23
13#.##6.157.211:23
12#.##.22.167:23
11#.##4.118.252:23
25#.##5.59.221:23
25#.##3.116.103:23
15#.##.241.99:23
22#.#9.32.43:23
18#.##.246.227:23
22#.##.122.76:23
11#.##4.71.147:23
15#.##0.169.215:23
20.##.189.239:23
13#.##2.103.31:23
81.###.105.134:23
20#.##0.185.92:23
12#.##3.244.13:23
23#.##.173.181:23
5.###.208.149:23
22#.##8.203.142:23
49.###.236.254:23
70.###.162.10:23
11#.##1.172.192:23
19#.##4.179.49:23
15#.##.201.39:23
66.###.28.249:23
18#.##.114.195:23
19#.#9.6.69:23
17#.##8.116.2:23
16#.##6.26.221:23
11#.#2.39.0:23
17#.##.47.200:23
16#.##7.114.30:23
20.###.189.168:23
24#.##4.67.153:23
17#.##.75.179:23
45.###.166.229:23
19#.##0.250.158:23
57.##.115.190:23
18#.##5.244.235:23
13.##.34.217:23
11#.##.155.145:23
15#.##6.44.19:23
15#.#9.4.51:23
10#.##8.65.69:23
19.##9.91.51:23
19#.##2.201.96:23
79.##.0.47:23
15#.##5.229.49:23
27.##3.86.2:23
10#.##4.50.177:23
80.##.99.176:23
25#.##0.203.131:23
39.###.121.128:23
64.###.179.107:23
22#.##.87.183:23
24#.##6.100.132:23
11#.#2.46.16:23
18#.##7.141.22:23
19#.##.146.161:23
15#.##.174.224:23
13.##.75.200:23
92.##.44.164:23
10#.##.246.152:23
11#.##0.198.103:23
21#.##5.176.194:23
86.###.252.18:23
11#.##.46.121:23
16#.##.254.166:23
59.##.203.189:23
18#.##6.97.18:23
24#.##4.116.193:23
1.###.145.141:23
21#.##.180.27:23
69.###.158.189:23
23#.##6.234.251:23
24#.#7.80.52:23
10#.##4.242.216:23
20#.##3.135.56:23
21#.##9.41.188:23
15#.##8.144.37:23
65.###.45.127:23
16.##0.125.0:23
10#.##8.209.65:23
42.##.41.75:23
35.##.181.128:23
31.###.25.240:23
69.###.174.193:23
24#.##0.254.8:23
14#.##0.55.215:23
99.##3.0.61:23
12#.#2.63.29:23
21#.##9.231.78:23
11#.##9.47.246:23
11#.##2.69.204:23
24#.##9.213.241:23
11#.##.144.84:23
20#.#57.6.63:23
24#.##.127.230:23
19#.##9.124.157:23
34.###.234.227:23
17#.##5.37.247:23
25#.##4.16.219:23
23#.##5.167.237:23
23#.#15.34.2:23
23#.##5.34.204:23
23#.##7.81.86:23
51.##.224.203:23
13#.##0.164.148:23

Receives data from the following servers:

45.###.232.208:33335

Технологии

Термины

Обучение и просвещение

Мифы

Technical Information

Рекомендации по лечению