FOR CUSTOMERS

My library

+ Add to library

Search

24/7 Tech support | Rules regarding submitting

Send a message

Call us

+7 (495) 789-45-86

Forum

Your tickets

Total: -
Active: -
Latest: -

Call us

+7 (495) 789-45-86

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY

Support services

Dr.Web vxCube

Sign in to Dr.Web vxCube

VCI investigations

Virus library

Knowledge base

Technologies

Terminology

Training and education

Myths

Myths about anti-viruses

Linux.Siggen.3296

Added to the Dr.Web virus database: 2020-08-19

Virus description added: 2020-08-18

Technical Information

Malicious functions:

Removes itself

Launches itself as a daemon

Substitutes application name for:

eao0tal3iy1g5ui25al3
fr1j1g5g2lo14qvr1g
aox0ugbacac1o1tbbmb0ke
fjuheykqtydcaxibmlrey3e
jagl1gg2rmcmfd1l2mnqu
iq3xhgrygcpt2j1zp2elqz
cvefycmpkujl1ccim52rjf
dbgq4vq1wkp
v1f3yx2aajjbv1yofnxqhvd
vmyo1fmigboyxpmf
eqgkmznpf4m
v1cut1ut3120bat
mc3yfthbj3wwx
15mdlppqxm11q5sqb0dq3e
5vwop1f4pzobe
a01cbznkl5px2iwf
lzsg0g1bviww
c1gym3x5fm1q5
adld1e4asgglh0m31re403
ypyp1u4vwvkog5dtwwp

Performs operations with the file system:

Creates or modifies files:

<SAMPLE_FULL_PATH>

Network activity:

Awaits incoming connections on ports:

19#.##8.215.50:1631

Establishes connection:

8.#.8.8:53
45.##.168.80:7777

Curing recommendations

Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number