JavaScript support is required for our site to be fully operational in your browser.
Linux.Siggen.6930
Added to the Dr.Web virus database:
2024-04-10
Virus description added:
2024-04-09
Technical Information
Malicious functions:
Removes itself
Manages services:
['/bin/systemctl', 'enable', 'bot']
Launches processes:
Performs operations with the file system:
Creates or modifies files:
/etc/init/bot.conf
/root/.bashrc
/lib/systemd/system/bot.service
Network activity:
Establishes connection:
89.###.156.4:7070
20#.##.139.35:21
20#.##.139.35:22
20#.##.139.35:23
20#.##.139.35:80
20#.##.139.35:443
20#.##.139.35:502
20#.##.139.35:1025
20#.##.139.35:1883
20#.##.139.35:2002
20#.##.139.35:2323
20#.##.139.35:2601
20#.##.139.35:5523
20#.##.139.35:5683
29.###.56.200:21
29.###.56.200:22
29.###.56.200:23
29.###.56.200:80
29.###.56.200:443
29.###.56.200:502
29.###.56.200:1025
29.###.56.200:1883
Sends data to the following servers:
Receives data from the following servers:
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
Download Dr.Web for Android
Free three-month trial
All protection features available
Renew your trial license in AppGallery/on Google Pay
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more
OK