Meine Bibliothek
Meine Bibliothek

+ Zur Bibliothek hinzufügen

Support

Ihre Anfragen

Rufen Sie uns an

+7 (495) 789-45-86

Profil

Linux.Siggen.3397

Added to the Dr.Web virus database: 2020-11-15

Virus description added:

Technical Information

Malicious functions:
Launches itself as a daemon
Substitutes application name for:
  • [md]
Kills the following processes:
  • run.sh
Network activity:
Awaits incoming connections on ports:
  • 0.0.0.0:55321
Establishes connection:
  • 19#.##0.239.183:335
  • 8.#.8.8:53
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
  • 19#.##0.239.183:335
  • 11#.##8.216.36:23
  • 32.##.88.158:23
  • 46.##8.40.59:23
  • 38.###.113.117:23
  • 89.###.110.38:23
  • 18#.##9.233.166:23
  • 12#.##5.252.130:23
  • 14#.##.103.171:23
  • 18#.##5.38.85:23
  • 20#.##.223.160:23
  • 12#.##2.219.199:23
  • 17#.##.124.105:23
  • 68.##.207.145:23
  • 14#.##1.170.70:23
  • 45.##.74.114:23
  • 13#.##.106.43:23
  • 57.###.36.100:23
  • 41.###.59.120:23
  • 27.##.59.170:23
  • 47.##.143.81:23
  • 13#.#54.9.32:23
  • 17#.##8.252.225:23
  • 11#.#.138.85:23
  • 15#.##7.93.216:23
  • 12#.#2.92.68:23
  • 14#.##9.34.34:23
  • 12#.##0.19.189:23
  • 19#.##3.95.23:23
  • 8.###.206.29:23
  • 16#.##2.254.35:23
  • 21#.##7.101.66:23
  • 19#.##4.82.194:23
  • 17#.#40.7.0:23
  • 16#.##3.37.240:23
  • 14.###.35.205:23
  • 64.###.145.123:23
  • 13#.##.178.165:23
  • 14#.#.14.221:23
  • 12#.##.11.142:23
  • 65.##.229.178:23
  • 13#.##3.29.30:23
  • 68.###.23.216:23
  • 17.##8.89.51:23
  • 20#.##2.187.136:23
  • 19#.##.250.170:23
  • 10#.##.228.213:23
  • 41.##.138.233:23
  • 21#.##1.169.132:23
  • 16#.##3.210.78:23
  • 59.##.187.254:23
  • 16#.##8.152.203:23
  • 36.###.252.176:23
  • 22#.##.40.189:23
  • 82.###.243.160:23
  • 19.###.165.14:23
  • 12#.#0.68.60:23
  • 10#.##0.107.46:23
  • 20#.##9.2.231:23
  • 17#.##2.86.49:23
  • 14#.##.201.117:23
  • 13#.##6.14.57:23
  • 18#.##6.222.135:23
  • 15#.##.203.163:23
  • 16#.##4.207.117:23
  • 21#.##.105.223:23
  • 18#.##8.111.102:23
  • 13#.##0.165.119:23
  • 17#.##8.141.83:23
  • 76.##.253.66:23
  • 13#.##8.65.188:23
  • 14#.##4.21.26:23
  • 15#.##9.18.67:23
  • 61.###.237.246:23
  • 11#.#9.6.157:23
  • 49.##.200.53:23
  • 14#.##3.96.68:23
  • 59.###.75.185:23
  • 25.###.76.233:23
  • 15#.##6.45.223:23
  • 17#.##2.248.6:23
  • 14#.##.106.76:23
  • 16#.##0.248.168:23
  • 62.##.178.30:23
  • 14#.##0.15.26:23
  • 21#.##1.18.96:23
  • 21#.##9.110.34:23
  • 4.##.229.189:23
  • 18#.##2.21.44:23
  • 11#.##8.196.201:23
  • 4.##.152.254:23
  • 16#.##.247.15:23
  • 69.##.24.170:23
  • 14.###.92.238:23
  • 13#.##0.142.92:23
  • 2.###.253.96:23
  • 34.##1.3.144:23
  • 68.##.229.165:23
  • 18#.##7.206.127:23
  • 16#.##.195.219:23
  • 21#.##4.215.120:23
  • 2.##.28.245:23
  • 15#.##.19.157:23
  • 36.###.243.86:23
  • 18#.##.213.53:23
  • 10#.#0.104.0:23
  • 50.###.155.125:23
  • 79.###.67.234:23
  • 40.###.109.20:23
  • 19#.##.129.129:23
  • 12#.##9.142.132:23
  • 20#.##6.251.29:23
  • 77.###.247.149:23
  • 69.###.123.106:23
  • 14#.##9.145.192:23
  • 38.##.175.100:23
  • 25.#.95.6:23
  • 44.##.230.108:23
  • 78.##.212.24:23
  • 14#.##0.136.180:23
  • 21#.##.28.129:23
  • 17#.##7.151.232:23
  • 74.#.176.143:23
  • 92.###.167.72:23
  • 1.###.119.179:23
  • 10#.##.100.59:23
  • 14#.##7.118.14:23
  • 12#.##0.152.113:23
  • 92.###.39.237:23
  • 10#.##7.114.146:23
  • 13#.##1.98.23:23
  • 18#.##4.166.9:23
  • 71.###.77.138:23
  • 21#.##.215.32:23
  • 24.##.202.12:23
  • 96.###.221.105:23
  • 60.###.241.106:23
  • 12#.#1.15.99:23
  • 15#.##9.210.100:23
  • 14#.##3.113.157:23
  • 87.###.27.209:23
  • 69.###.16.123:23
  • 91.##.105.148:23
  • 94.##.67.224:23
  • 21#.##.21.251:23
  • 18#.##1.120.23:23
  • 11#.##2.146.39:23
  • 21#.##4.185.255:23
  • 67.##.146.172:23
  • 20#.##9.188.251:23
  • 15#.##1.3.189:23
  • 21#.##9.94.85:23
  • 11#.##9.114.233:23
  • 37.###.111.25:23
  • 14#.#0.94.65:23
  • 20#.##3.180.103:23
  • 94.##.109.201:23
  • 19#.#5.54.9:23
  • 19#.##0.182.140:23
  • 74.##5.29.81:23
  • 94.###.120.239:23
  • 53.###.237.146:23
  • 11#.##8.248.210:23
  • 19#.##.160.93:23
  • 11#.##1.90.155:23
  • 20.###.247.255:23
  • 36.##8.109.0:23
  • 54.###.171.96:23
  • 19#.##3.115.221:23
  • 27.###.45.128:23
  • 20#.##1.252.244:23
  • 88.##.59.75:23
  • 11#.##.178.106:23
  • 19#.##.243.96:23
  • 77.##.82.185:23
  • 16#.##.21.146:23
  • 13#.##4.158.245:23
  • 67.##.34.217:23
  • 11#.##.40.173:23
  • 24.###.98.168:23
  • 45.###.97.124:23
  • 18#.##.143.59:23
  • 21#.##5.133.231:23
  • 12#.#.138.160:23
  • 12#.##.126.35:23
  • 12#.##.39.166:23
  • 13#.#0.6.192:23
  • 20#.##.157.164:23
  • 21#.##5.48.63:23
  • 57.#.134.14:23
  • 64.###.26.209:23
  • 19#.##9.232.204:23
  • 34.#.119.201:23
  • 35.##.40.80:23
  • 18#.##8.148.232:23
  • 17#.##.31.194:23
  • 17#.##.194.35:23
  • 89.##.99.31:23
  • 15#.##2.247.134:23
  • 13#.##7.40.137:23
  • 18#.##4.249.255:23
  • 18#.##8.52.134:23
  • 20#.##4.111.187:23
  • 15#.##.60.207:23
  • 83.##.127.225:23
  • 12#.##9.184.154:23
  • 14.##.136.152:23
  • 17#.##3.246.100:23
  • 98.###.248.40:23
  • 13#.##1.112.95:23
  • 14#.##7.153.106:23
  • 38.##.252.9:23
  • 19#.##.238.12:23
  • 21#.##1.129.157:23
  • 16#.#.14.5:23
  • 19.##.109.232:23
  • 20#.##1.186.231:23
  • 17#.##3.89.201:23
  • 11#.##8.217.202:23
  • 19#.##0.52.171:23
  • 54.##.18.125:23
  • 8.##.165.77:23
  • 10#.##6.115.184:23
  • 47.##.153.128:23
  • 22#.##6.150.205:23
  • 19#.##8.77.165:23
  • 10#.##7.235.183:23
  • 8.#.#6.116:23
  • 17#.##7.72.104:23
  • 15#.##7.13.111:23
  • 18#.##.137.152:23
  • 15#.##.144.101:23
  • 10#.##7.136.178:23
  • 18#.##.195.10:23
  • 48.##3.164.3:23
  • 18#.##1.200.34:23
  • 83.##.137.251:23
  • 11#.##8.179.16:23
  • 13#.##.228.200:23
  • 59.##.145.207:23
  • 92.##.170.112:23
  • 61.###.41.125:23
  • 35.###.149.189:23
  • 57.##.83.207:23
  • 21#.##.91.132:23
  • 17#.##0.70.25:23
  • 12#.##2.140.54:23
  • 22#.#.233.187:23
  • 18#.##.186.123:23
  • 54.##.250.166:23
  • 17#.##2.171.157:23
  • 46.###.138.27:23
  • 63.###.53.116:23
  • 20#.##1.63.149:23
  • 14#.##.167.158:23
  • 22#.##4.7.252:23
  • 60.##.111.145:23
  • 10#.##9.131.68:23
  • 19#.##.27.163:23
  • 14#.##.24.106:23
  • 10#.##.216.180:23
  • 15#.#.113.19:23
  • 19#.##6.72.152:23
  • 31.###.238.65:23
  • 69.###.109.175:23
  • 89.###.154.89:23
  • 94.##.166.168:23
  • 42.###.128.201:23
  • 65.###.12.150:23
  • 11#.##.223.220:23
  • 19#.##6.190.249:23
  • 13#.##1.75.186:23
  • 15#.##1.139.137:23
  • 10#.##7.123.95:23
  • 10#.##5.164.116:23
  • 17#.##6.17.32:23
  • 81.###.246.108:23
  • 85.###.152.39:23
  • 97.###.161.91:23
  • 19#.#6.88.62:23
  • 17#.##2.191.98:23
  • 12#.##3.192.8:23
  • 20#.##.15.201:23
  • 21#.##6.203.183:23
  • 24.###.144.227:23
  • 20#.##.249.89:23
  • 17#.##5.96.16:23
  • 17#.##2.144.244:23
  • 35.##.32.228:23
  • 92.###.216.168:23
  • 24.##.8.60:23
  • 89.###.236.16:23
  • 52.##.176.219:23
  • 80.##.86.59:23
  • 13#.##8.19.76:23
  • 94.###.172.179:23
  • 51.##.78.167:23
  • 8.##.187.30:23
  • 37.###.205.42:23
  • 19#.##1.29.69:23
  • 35.##.145.146:23
  • 60.##.182.61:23
  • 54.##.77.98:23
  • 77.###.159.111:23
  • 1.###.29.110:23
  • 9.###.173.20:23
  • 41.##.137.241:23
  • 10#.##3.145.144:23
  • 10#.##5.54.13:23
  • 13.##.99.8:23
  • 16#.##.214.200:23
  • 36.##.210.249:23
  • 58.###.228.136:23
  • 16#.##4.156.247:23
  • 22#.##5.91.168:23
  • 64.##.93.216:23
  • 13#.##3.245.114:23
  • 62.###.13.127:23
  • 10#.##4.78.20:23
  • 95.###.119.38:23
  • 77.##.51.2:23
  • 10#.##5.160.234:23
  • 19#.##3.190.255:23
  • 20#.##.170.208:23
  • 77.###.191.50:23
  • 44.##.210.50:23
  • 15#.##.172.183:23
  • 27.###.123.84:23
  • 13#.##5.226.101:23
  • 20#.##.120.87:23
  • 45.#.229.249:23
  • 57.###.161.108:23
  • 62.##1.31.69:23
  • 16#.##.180.56:23
  • 94.##.98.182:23
  • 14#.##6.96.62:23
  • 12#.##1.103.2:23
  • 22#.##6.168.202:23
  • 14#.##.22.110:23
  • 22#.##.177.36:23
  • 14#.##1.179.103:23
  • 25.###.251.142:23
  • 11#.##.216.51:23
  • 15#.#.134.203:23
  • 18#.##.233.191:23
  • 21#.##.151.175:23
  • 15#.##6.38.114:23
  • 20#.##.204.125:23
  • 70.###.189.107:23
  • 20.##1.27.47:23
  • 13#.##0.192.146:23
  • 1.##.249.49:23
  • 20#.##4.72.183:23
Receives data from the following servers:
  • 19#.##0.239.183:335

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number