FOR CUSTOMERS

My library

+ Add to library

Search

24/7 Tech support | Rules regarding submitting

Send a message

Call us

+7 (495) 789-45-86

Forum

Your tickets

Total: -
Active: -
Latest: -

Call us

+7 (495) 789-45-86

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY

Support services

Dr.Web vxCube

Sign in to Dr.Web vxCube

VCI investigations

Virus library

Knowledge base

Technologies

Terminology

Training and education

Myths

Myths about anti-viruses

Linux.Siggen.5634

Added to the Dr.Web virus database: 2023-10-05

Virus description added: 2023-10-05

Technical Information

Malicious functions:

Removes itself

Manages services:

['systemctl', 'stop', 'system-daemon.service']
['systemctl', 'disable', 'system-daemon.service']
['systemctl', '--version']
['systemctl', 'enable', 'system-daemon.service']
['systemctl', 'daemon-reload']
['systemctl', 'start', 'system-daemon.service']

Launches processes:

/usr/lib/accountsservice/system-daemon fd9de7ac314ecf02f71af558781cd9f9

Performs operations with the file system:

Creates folders:

/usr/lib/accountsservice

Creates or modifies files:

/usr/lib/accountsservice/system-daemon
/etc/systemd/system/system-daemon.service

Changes time of creation/access/modification of files:

/usr/lib/accountsservice/system-daemon

Curing recommendations

Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number