Technical Information
Malicious functions:
Launches itself as a daemon
Kills system processes:
- sshd
Kills the following processes:
- systemd
Network activity:
Awaits incoming connections on ports:
- 0.0.0.0:8235
Establishes connection:
- 8.#.8.8:53
- 45.##.196.75:4859
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
- 45.##.196.75:4859
- 15#.##7.85.207:23
- 15#.##7.11.122:23
- 15#.##7.230.170:23
- 15#.##7.122.46:23
- 15#.##7.233.233:23
- 15#.##7.57.156:23
- 15#.##7.106.131:23
- 15#.##7.232.155:23
- 15#.##7.106.238:23
- 15#.##7.231.194:23
- 15#.##7.109.117:23
- 15#.##7.162.234:23
- 15#.##7.83.60:23
- 15#.#77.87.4:23
- 15#.##7.135.16:23
- 15#.##7.170.143:23
- 15#.##7.126.242:23
- 15#.##7.52.208:23
- 15#.##7.69.248:23
- 15#.##7.99.30:23
- 15#.##7.216.180:23
- 15#.##7.55.209:23
- 15#.##7.96.88:23
- 15#.##7.230.87:23
- 15#.##7.200.164:23
- 15#.##7.116.249:23
- 15#.##7.241.33:23
- 15#.##7.189.15:23
- 15#.##7.194.200:23
- 15#.##7.153.174:23
- 15#.#77.6.97:23
- 15#.##7.183.158:23
- 15#.##7.193.150:23
- 15#.##7.143.22:23
- 15#.##7.181.10:23
- 15#.##7.24.92:23
- 15#.##7.36.199:23
- 15#.##7.117.8:23
- 15#.##7.105.180:23
- 15#.##7.209.178:23
- 15#.##7.72.25:23
- 15#.##7.173.177:23
- 15#.##7.186.169:23
- 15#.##7.5.216:23
- 15#.##7.159.251:23
- 15#.##7.131.150:23
- 15#.##7.201.112:23
- 15#.##7.162.167:23
- 15#.##7.191.114:23
- 15#.##7.35.149:23
- 15#.##7.62.32:23
- 15#.##7.247.86:23
- 15#.##7.81.75:23
- 15#.##7.96.180:23
- 15#.##7.164.72:23
- 15#.##7.110.238:23
- 15#.##7.96.236:23
- 15#.##7.1.102:23
- 15#.#77.5.9:23
- 15#.##7.221.229:23
- 15#.##7.175.185:23
- 15#.##7.236.191:23
- 15#.##7.134.248:23
- 15#.##7.230.3:23
- 15#.##7.110.57:23
- 15#.##7.30.163:23
- 15#.##7.44.169:23
- 15#.##7.14.46:23
- 15#.##7.230.56:23
- 15#.##7.118.2:23
- 15#.##7.250.182:23
- 15#.##7.56.142:23
- 15#.##7.70.108:23
- 15#.##7.143.190:23
- 15#.##7.230.32:23
- 15#.##7.77.120:23
- 15#.##7.175.123:23
- 15#.##7.125.101:23
- 15#.##7.155.12:23
- 15#.##7.25.250:23
- 15#.##7.230.11:23
- 15#.##7.73.67:23
- 15#.##7.98.111:23
- 15#.##7.230.82:23
- 15#.##7.205.225:23
- 15#.##7.198.86:23
- 15#.##7.225.20:23
- 15#.##7.15.169:23
- 15#.##7.51.22:23
- 15#.##7.215.150:23
- 15#.##7.132.74:23
- 15#.##7.156.68:23
- 15#.##7.165.182:23
- 15#.##7.139.111:23
- 15#.##7.130.251:23
- 15#.##7.164.59:23
- 15#.##7.207.235:23
- 15#.##7.1.122:23
- 15#.##7.68.69:23
- 15#.##7.8.108:23
- 15#.##7.34.246:23
- 15#.##7.101.223:23
- 15#.##7.219.124:23
- 15#.##7.182.248:23
- 15#.##7.100.167:23
- 15#.##7.160.11:23
- 15#.##7.206.86:23
- 15#.##7.194.8:23
- 15#.##7.125.23:23
- 15#.##7.245.167:23
- 15#.##7.35.61:23
- 15#.##7.180.163:23
- 15#.##7.201.137:23
- 15#.##7.19.99:23
- 15#.##7.185.14:23
- 15#.##7.148.182:23
- 15#.##7.204.236:23
- 15#.##7.147.57:23
- 15#.##7.244.222:23
- 15#.##7.130.233:23
- 15#.##7.114.59:23
- 15#.##7.158.255:23
- 15#.##7.140.27:23
- 15#.##7.208.45:23
- 15#.##7.25.162:23
- 15#.##7.90.110:23
- 15#.##7.77.235:23
- 15#.##7.213.54:23
- 15#.##7.113.203:23
- 15#.##7.74.175:23
- 15#.##7.201.52:23
- 15#.##7.96.36:23
- 15#.##7.197.147:23
- 15#.#77.1.2:23
- 15#.##7.237.98:23
- 15#.##7.152.177:23
- 15#.##7.124.211:23
- 15#.##7.130.248:23
- 15#.##7.44.140:23
- 15#.##7.47.154:23
- 15#.##7.45.38:23
- 15#.##7.166.125:23
- 15#.##7.223.18:23
- 15#.##7.194.93:23
- 15#.##7.175.19:23
- 15#.##7.11.154:23
- 15#.##7.166.223:23
- 15#.##7.121.194:23
- 15#.##7.103.216:23
- 15#.##7.85.74:23
- 15#.##7.91.243:23
- 15#.##7.207.166:23
- 15#.##7.184.92:23
- 15#.##7.117.41:23
- 15#.##7.9.182:23
- 15#.##7.247.54:23
- 15#.##7.14.119:23
- 15#.#77.64.9:23
- 15#.##7.124.189:23
- 15#.##7.100.144:23
- 15#.##7.107.246:23
- 15#.##7.31.83:23
- 15#.##7.9.104:23
- 15#.##7.157.204:23
- 15#.##7.194.70:23
- 15#.##7.205.159:23
- 15#.##7.93.208:23
- 15#.##7.96.219:23
- 15#.##7.81.55:23
- 15#.##7.138.34:23
- 15#.##7.137.187:23
- 15#.##7.7.109:23
- 15#.##7.178.217:23
- 15#.##7.247.98:23
- 15#.##7.50.91:23
- 15#.##7.181.237:23
- 15#.##7.36.131:23
- 15#.##7.164.137:23
- 15#.##7.195.80:23
- 15#.##7.188.160:23
- 15#.##7.248.216:23
- 15#.##7.58.53:23
- 15#.##7.16.213:23
- 15#.##7.66.86:23
- 15#.##7.88.62:23
- 15#.##7.70.81:23
- 15#.##7.160.122:23
- 15#.##7.26.97:23
- 15#.##7.57.55:23
- 15#.##7.234.194:23
- 15#.##7.152.88:23
- 15#.#77.45.7:23
- 15#.##7.68.208:23
- 15#.##7.33.39:23
- 15#.##7.160.225:23
- 15#.##7.66.229:23
- 15#.##7.28.200:23
- 15#.##7.139.71:23
- 15#.##7.30.60:23
- 15#.##7.66.57:23
- 15#.#77.9.75:23
- 15#.##7.240.157:23
- 15#.##7.126.4:23
- 15#.##7.232.144:23
- 15#.##7.216.34:23
- 15#.##7.104.8:23
- 15#.##7.67.125:23
- 15#.##7.181.26:23
- 15#.##7.228.21:23
- 15#.##7.177.204:23
- 15#.##7.208.171:23
- 15#.##7.187.36:23
- 15#.##7.196.69:23
- 15#.##7.203.119:23
- 15#.##7.243.126:23
- 15#.##7.151.24:23
- 15#.##7.171.201:23
- 15#.##7.150.178:23
- 15#.##7.220.244:23
- 15#.##7.24.216:23
- 15#.##7.156.29:23
- 15#.##7.19.56:23
- 15#.##7.53.131:23
- 15#.##7.26.147:23
- 15#.##7.93.148:23
- 15#.##7.70.167:23
- 15#.##7.27.243:23
- 15#.##7.204.224:23
- 15#.##7.125.19:23
- 15#.##7.201.193:23
- 15#.##7.69.195:23
- 15#.##7.87.142:23
- 15#.##7.34.64:23
- 15#.##7.103.123:23
- 15#.##7.237.63:23
- 15#.##7.159.190:23
- 15#.##7.208.111:23
- 15#.##7.48.64:23
- 15#.##7.130.223:23
- 15#.##7.236.242:23
- 15#.##7.177.174:23
- 15#.##7.168.122:23
- 15#.##7.56.75:23
- 15#.##7.9.238:23
- 15#.##7.93.28:23
- 15#.##7.218.9:23
- 15#.##7.231.208:23
- 15#.##7.194.190:23
- 15#.##7.236.84:23
- 15#.##7.77.35:23
- 15#.##7.109.247:23
- 15#.##7.229.202:23
- 15#.##7.101.189:23
- 15#.##7.197.206:23
- 15#.##7.159.206:23
- 15#.##7.12.96:23
- 15#.##7.179.94:23
- 15#.##7.128.179:23
- 15#.##7.170.220:23
- 15#.##7.166.45:23
- 15#.##7.234.160:23
- 15#.##7.110.99:23
- 15#.##7.49.218:23
- 15#.##7.59.191:23
- 15#.##7.29.61:23
- 15#.##7.240.238:23
- 15#.##7.202.105:23
- 15#.##7.22.122:23
- 15#.##7.26.68:23
- 15#.##7.166.136:23
- 15#.##7.98.255:23
- 15#.##7.191.68:23
- 15#.##7.129.116:23
- 15#.##7.98.128:23
- 15#.##7.233.179:23
- 15#.##7.172.21:23
- 15#.##7.215.169:23
- 15#.##7.49.96:23
- 15#.##7.96.228:23
- 15#.##7.41.181:23
- 15#.##7.41.113:23
- 15#.##7.112.162:23
- 15#.##7.212.206:23
- 15#.##7.226.210:23
- 15#.##7.124.147:23
- 15#.##7.242.9:23
- 15#.##7.236.108:23
- 15#.##7.33.104:23
- 15#.##7.88.212:23
- 15#.##7.119.7:23
- 15#.##7.212.245:23
- 15#.##7.200.17:23
- 15#.##7.35.163:23
- 15#.##7.43.46:23
- 15#.##7.153.85:23
- 15#.##7.60.103:23
- 15#.##7.59.211:23
- 15#.##7.217.121:23
- 15#.##7.238.70:23
- 15#.##7.214.207:23
- 15#.##7.241.231:23
- 15#.##7.21.115:23
- 15#.##7.71.93:23
- 15#.##7.195.102:23
- 15#.##7.184.109:23
- 15#.##7.102.169:23
- 15#.##7.111.30:23
- 15#.##7.236.130:23
- 15#.##7.105.201:23
- 15#.##7.187.172:23
- 15#.##7.9.142:23
- 15#.##7.244.150:23
- 15#.##7.3.119:23
- 15#.##7.33.121:23
- 15#.##7.151.195:23
- 15#.##7.69.15:23
Receives data from the following servers:
- 45.##.196.75:4859
