JavaScript support is required for our site to be fully operational in your browser.
Linux.Siggen.6931
Added to the Dr.Web virus database:
2024-04-10
Virus description added:
2024-04-09
Technical Information
Malicious functions:
Removes itself
Manages services:
['/bin/systemctl', 'enable', 'bot']
Launches processes:
Performs operations with the file system:
Creates or modifies files:
/etc/init/bot.conf
/root/.bashrc
/usr/lib/systemd/system/bot.service
Network activity:
Establishes connection:
89.###.156.4:7070
68.##.59.215:21
68.##.59.215:22
68.##.59.215:23
68.##.59.215:80
68.##.59.215:443
68.##.59.215:502
68.##.59.215:1025
68.##.59.215:1883
68.##.59.215:2002
68.##.59.215:2323
68.##.59.215:2601
68.##.59.215:5523
68.##.59.215:5683
21#.##.164.33:21
21#.##.164.33:22
21#.##.164.33:23
21#.##.164.33:80
21#.##.164.33:443
21#.##.164.33:502
Sends data to the following servers:
Receives data from the following servers:
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
Download Dr.Web for Android
Free three-month trial
All protection features available
Renew your trial license in AppGallery/on Google Pay
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more
OK