Technical Information
Malicious functions:
Launches itself as a daemon
Substitutes application name for:
Network activity:
Awaits incoming connections on ports:
- 127.0.0.1:33337
Establishes connection:
- 8.#.8.8:53
- 19#.##.28.148:33335
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
- 19#.##.28.148:33335
- 88.##.90.81:23
- 18#.#90.84.6:23
- 64.###.251.251:23
- 21#.##3.218.237:23
- 25#.##6.249.40:23
- 41.##.126.158:23
- 23#.#.137.241:23
- 80.###.196.30:23
- 61.###.219.56:23
- 19#.##.245.78:23
- 20#.##1.179.10:23
- 20#.##.239.235:23
- 95.##.165.96:23
- 20#.##1.160.61:23
- 20#.##7.211.242:23
- 22#.##5.133.188:23
- 11#.#9.9.90:23
- 16#.##.164.93:23
- 20#.##5.79.150:23
- 14#.##8.17.70:23
- 14#.##9.131.94:23
- 14#.##6.163.87:23
- 10#.##5.75.96:23
- 17#.##.107.110:23
- 11#.#49.8.83:23
- 16#.##.212.123:23
- 18#.##1.67.179:23
- 11#.##0.66.18:23
- 42.##.19.160:23
- 21#.##4.30.98:23
- 72.###.97.204:23
- 23#.##4.106.237:23
- 21#.##.198.13:23
- 47.###.46.208:23
- 19#.##7.157.82:23
- 43.##.221.71:23
- 12#.#4.76.6:23
- 19#.##.108.241:23
- 23#.##3.228.15:23
- 20#.##2.91.233:23
- 9.###.108.44:23
- 51.##.94.42:23
- 7.###.135.168:23
- 53.#.242.102:23
- 20#.##.224.147:23
- 14#.##7.230.73:23
- 11#.##.21.145:23
- 74.##.173.79:23
- 12#.##.21.116:23
- 15#.##.227.189:23
- 84.##.227.42:23
- 15#.#8.101.7:23
- 94.##.85.212:23
- 5.#.#98.56:23
- 18#.##.41.118:23
- 22#.##4.35.221:23
- 10#.##6.21.182:23
- 17#.##4.1.136:23
- 14#.##7.1.178:23
- 22#.##9.153.237:23
- 18#.#.240.21:23
- 32.##.228.9:23
- 65.###.182.161:23
- 43.##2.14.60:23
- 11#.##.36.233:23
- 10#.##5.141.242:23
- 14#.##8.22.21:23
- 10#.#.43.235:23
- 15#.##.152.149:23
- 25#.##9.233.242:23
- 57.###.191.247:23
- 23#.##.12.223:23
- 18#.##.200.209:23
- 52.###.50.175:23
- 14#.#58.68.4:23
- 21#.##5.42.17:23
- 47.###.62.228:23
- 20.###.254.222:23
- 22#.##1.123.123:23
- 12#.##.107.60:23
- 20#.##.115.159:23
- 20#.##.209.77:23
- 16#.##.96.125:23
- 31.##7.21.42:23
- 18#.##.118.105:23
- 14#.##.179.47:23
- 10#.##.55.203:23
- 15#.##.65.171:23
- 80.###.63.247:23
- 25#.##0.118.222:23
- 25#.#4.71.77:23
- 25#.##1.247.77:23
- 24#.##.234.13:23
- 84.##.253.168:23
- 18#.##.184.227:23
- 7.##.37.229:23
- 22#.##.204.169:23
- 12#.##0.135.197:23
- 14#.##5.238.146:23
- 17#.##1.109.88:23
- 24#.##3.99.210:23
- 16#.##9.204.65:23
- 23#.##2.48.148:23
- 74.###.84.239:23
- 13#.##2.222.222:23
- 10#.##7.200.184:23
- 49.##.65.124:23
- 44.###.50.212:23
- 12#.##.179.226:23
- 23#.##6.184.234:23
- 30.###.81.140:23
- 28.##.8.172:23
- 14#.##3.220.101:23
- 25.###.247.163:23
- 11#.##6.66.41:23
- 53.###.109.107:23
- 18#.##2.8.248:23
- 13#.##3.10.219:23
- 22#.##2.60.156:23
- 25#.##7.246.1:23
- 53.##.107.160:23
- 53.##.20.224:23
- 16#.#15.8.59:23
- 51.###.223.115:23
- 15#.##.255.215:23
- 19.###.156.190:23
- 12#.##6.255.171:23
- 74.##.151.213:23
- 24#.##.220.148:23
- 33.###.225.199:23
- 13#.##1.160.90:23
- 87.###.113.106:23
- 18.###.28.145:23
- 10#.##5.177.231:23
- 75.##.98.34:23
- 36.###.221.213:23
- 30.##.177.166:23
- 66.###.44.134:23
- 21#.##.61.121:23
- 17#.##8.24.137:23
- 57.###.192.226:23
- 64.##.24.42:23
- 77.##.73.56:23
- 49.###.77.100:23
- 79.##7.30.2:23
- 19.##.207.125:23
- 23#.##7.49.19:23
- 19#.##6.23.166:23
- 56.##.136.81:23
- 10#.#3.4.137:23
- 53.##.162.245:23
- 20#.##.195.121:23
- 13#.##9.133.238:23
- 75.###.146.101:23
- 91.##.67.167:23
- 36.###.219.48:23
- 14#.##.242.181:23
- 16#.##1.237.14:23
- 10#.##.157.70:23
- 15#.##2.193.90:23
- 16.##.43.114:23
- 15#.##2.234.1:23
- 24#.##9.202.63:23
- 15#.##8.51.238:23
- 15#.#4.78.89:23
- 23.###.252.93:23
- 21#.##.24.195:23
- 11.##.169.160:23
- 32.##.196.21:23
- 13#.##5.46.194:23
- 13#.##6.109.120:23
- 73.##.111.27:23
- 80.###.75.235:23
- 19#.##9.132.192:23
- 17#.##2.120.53:23
- 30.###.254.116:23
- 17#.##6.129.60:23
- 15#.##4.11.20:23
- 21#.##2.103.150:23
- 63.###.139.35:23
- 24#.##2.85.10:23
- 20#.##6.243.253:23
- 97.##.164.143:23
- 16#.##6.182.130:23
- 55.##.227.183:23
- 13#.##.222.69:23
- 24.###.232.179:23
- 11#.##.195.52:23
- 19#.##2.132.118:23
- 1.###.190.117:23
- 18#.##8.223.232:23
- 16#.##5.102.28:23
- 54.##.108.147:23
- 12#.##6.141.144:23
- 14.###.52.119:23
- 14.###.173.69:23
- 16#.##6.78.210:23
- 18#.##3.198.157:23
- 18#.##.244.109:23
- 7.###.57.188:23
- 25#.##8.26.99:23
- 92.##.129.219:23
- 36.##.178.178:23
- 24#.##2.115.30:23
- 53.##3.76.96:23
- 14#.##.153.53:23
- 18#.##8.110.139:23
- 12#.##7.46.175:23
- 21#.##4.142.161:23
- 48.##.109.24:23
- 99.###.218.124:23
- 59.###.182.79:23
- 14#.##3.236.103:23
- 20#.##1.58.247:23
- 21#.##.177.142:23
- 59.##3.0.134:23
- 39.###.44.138:23
- 11#.##4.38.27:23
- 82.###.185.193:23
- 43.###.250.18:23
- 15#.##7.64.233:23
- 23#.##.230.148:23
- 18#.##2.82.40:23
- 19.##6.6.13:23
- 23#.##.114.113:23
- 11#.#.144.178:23
- 17#.##6.180.79:23
- 86.#.51.140:23
- 18#.##3.119.30:23
- 21#.##0.79.38:23
- 26.##2.139.3:23
- 31.##.171.123:23
- 37.##.154.204:23
- 36.##.241.55:23
- 71.##.239.10:23
- 56.###.230.75:23
- 67.###.199.98:23
- 7.###.55.104:23
- 23#.##.138.179:23
- 15.##.157.83:23
- 21#.##6.110.102:23
- 14#.##7.185.120:23
- 14#.##.233.57:23
- 35.##6.63.94:23
- 17.##5.97.23:23
- 25.###.134.58:23
- 17#.##.145.253:23
- 76.##.218.0:23
- 57.##.194.140:23
- 10#.##.66.191:23
- 68.##8.20.85:23
- 52.###.47.137:23
- 24#.#.153.117:23
- 25#.##.146.126:23
- 91.###.143.183:23
- 22#.##.154.193:23
- 13#.##1.100.229:23
- 92.##1.98.31:23
- 61.##.84.40:23
- 69.###.199.23:23
- 28.###.125.32:23
- 86.##9.77.36:23
- 17#.##.167.23:23
- 21#.##.79.246:23
- 25#.##.180.11:23
- 23#.##4.142.50:23
- 22#.##7.165.229:23
- 62.##7.41.88:23
- 14#.#6.13.51:23
- 20#.##7.84.53:23
- 51.##.59.94:23
- 15#.#7.9.112:23
- 21#.#3.14.45:23
Receives data from the following servers:
- 19#.##.28.148:33335
