Technical Information
Malicious functions:
Launches itself as a daemon
Network activity:
Awaits incoming connections on ports:
- 127.0.0.1:27996
- 0.0.0.0:23
- 0.0.0.0:22
- 0.0.0.0:443
- 0.0.0.0:81
- 0.0.0.0:8080
Establishes connection:
- 8.#.8.8:53
- 15#.###.82.144:24512
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
- 16#.#.104.246:23
- 18#.##3.115.173:23
- 11#.##.208.107:23
- 16#.##.53.187:23
- 11#.##.188.105:23
- 16#.##8.150.156:23
- 13#.##0.216.97:23
- 4.###.170.250:23
- 10#.##6.190.78:23
- 13#.##5.179.195:23
- 20#.##9.105.91:23
- 17#.##8.5.230:23
- 12#.##8.115.11:23
- 12#.##.201.56:23
- 12#.##.48.237:23
- 65.###.48.209:23
- 14#.##2.99.242:23
- 59.#.78.148:23
- 20.##8.148.5:23
- 12#.##1.220.163:23
- 10#.##.243.71:23
- 82.###.88.211:23
- 19#.##3.148.46:23
- 42.###.154.195:23
- 23.###.191.97:23
- 21#.##2.3.215:23
- 11#.##6.253.85:23
- 15#.#0.82.76:23
- 74.##.27.150:23
- 78.##.250.208:23
- 19#.##9.26.48:23
- 66.###.161.62:23
- 74.##6.38.26:23
- 12#.##1.102.29:23
- 21#.##9.52.118:23
- 21#.##5.165.198:23
- 20#.##.172.179:23
- 17.###.237.173:23
- 10#.##1.42.48:23
- 89.###.241.61:23
- 73.###.172.131:23
- 15#.##8.216.200:23
- 59.###.229.163:23
- 18#.##3.30.138:23
- 21#.##2.81.250:23
- 84.###.190.158:23
- 12#.##.67.149:23
- 11#.##2.95.254:23
- 15#.#68.9.2:23
- 53.###.112.218:23
- 15#.##2.92.112:23
- 20#.##0.85.158:23
- 21#.##.153.195:23
- 23.##.166.220:23
- 17#.##5.38.148:23
- 19#.##.157.171:23
- 81.##.237.157:23
- 14#.##0.31.91:23
- 11#.##.56.152:23
- 59.##.190.180:23
- 87.##.113.230:23
- 98.###.21.215:23
- 2.###.252.154:23
- 17#.##1.7.249:23
- 66.##9.95.27:23
- 37.###.116.104:23
- 42.###.206.180:23
- 98.###.176.178:23
- 97.##.16.215:23
- 15#.#.37.138:23
- 17.###.132.203:23
- 63.##.51.128:23
- 68.##.160.43:23
- 39.##.170.102:23
- 10#.##.173.174:23
- 16#.##.92.225:23
- 16#.##.41.138:23
- 13#.##8.43.155:23
- 12#.##3.111.139:23
- 20#.##3.216.70:23
- 20#.##5.38.180:23
- 14#.##7.216.253:23
- 12#.##2.204.1:23
- 14#.##.159.159:23
- 60.#.149.84:23
- 17.##.103.53:23
- 84.###.217.16:23
- 32.###.153.136:23
- 83.##.2.164:23
- 45.###.200.61:23
- 21#.#56.1.33:23
- 18#.##8.120.198:23
- 97.##.14.45:23
- 31.###.193.25:23
- 22#.##.111.97:23
- 92.##.81.150:23
- 11#.##3.196.135:23
- 47.###.38.140:23
- 31.###.208.251:23
- 22#.##9.137.47:23
- 12#.##6.147.27:23
- 21#.##.28.204:23
- 43.##2.99.76:23
- 39.##.52.128:23
- 17#.##5.62.236:23
- 73.###.147.226:23
- 12#.##4.59.167:23
- 98.###.47.206:23
- 12#.##7.149.109:23
- 8.###.57.144:23
- 14#.##2.255.116:23
- 11#.##.113.97:23
- 20#.##9.31.92:23
- 53.###.227.117:23
- 83.###.178.244:23
- 16#.##3.87.93:23
- 37.###.117.204:23
- 16#.##.203.157:23
- 44.###.214.251:23
- 89.##.175.241:23
- 87.##.230.189:23
- 15#.##.216.136:23
- 24.##9.6.15:23
- 17.##6.45.48:23
- 20#.##6.217.118:23
- 76.##.41.60:23
- 77.###.108.138:23
- 74.##.143.88:23
- 19#.##.243.29:23
- 23.###.140.98:23
- 54.#.115.56:23
- 24.###.130.117:23
- 11#.#.98.186:23
- 37.###.191.29:23
- 80.#.164.159:23
- 19#.##.93.119:23
- 10#.##4.96.232:23
- 10#.##1.164.117:23
- 59.##.174.231:23
- 16#.##.55.177:23
- 79.###.102.187:23
- 12#.##.172.25:23
- 78.###.120.88:23
- 95.###.253.212:23
- 14#.##1.177.68:23
- 75.###.153.29:23
- 15#.##0.172.189:23
- 19#.##.204.128:23
- 20#.##8.1.239:23
- 90.###.148.191:23
- 86.##.137.193:23
- 11#.#7.7.148:23
- 21#.##1.41.26:23
- 99.###.255.242:23
- 2.###.36.175:23
- 36.###.163.24:23
- 12#.##9.121.101:23
- 79.##.29.69:23
- 68.##9.9.244:23
- 81.###.194.205:23
- 42.##9.62.44:23
- 16#.##3.199.96:23
- 21#.##7.41.22:23
- 1.###.104.196:23
- 20#.##6.54.36:23
- 70.###.222.30:23
- 10#.##1.205.14:23
- 12#.#2.37.68:23
- 46.###.242.131:23
- 19#.##5.84.248:23
- 20#.##9.121.137:23
- 11#.##7.127.25:23
- 59.##2.245.8:23
- 10#.##.112.70:23
- 14#.##.208.45:23
- 78.#.249.211:23
- 21#.#0.54.93:23
- 19#.##.199.142:23
- 13#.##7.141.118:23
- 18#.##.197.237:23
- 98.##.84.147:23
- 20#.##1.202.14:23
- 91.###.120.107:23
- 19#.##.189.253:23
- 73.###.236.83:23
- 46.##.94.240:23
- 12#.##1.99.116:23
- 19#.##5.26.25:23
- 20#.##6.119.29:23
- 23.###.126.215:23
- 15#.##1.105.86:23
- 27.##.242.224:23
- 4.##.228.204:23
- 13#.##.159.217:23
- 35.###.208.62:23
- 11#.##9.147.188:23
- 21#.#9.4.193:23
- 10#.##0.103.172:23
- 10#.##.185.174:23
- 68.###.205.120:23
- 16#.##1.204.118:23
- 21#.##2.253.233:23
- 14#.##9.202.215:23
- 77.##.140.202:23
- 38.###.144.17:23
- 11#.#6.119.6:23
- 99.##.158.17:23
- 13.###.162.158:23
- 17#.##3.201.116:23
- 18#.##0.122.239:23
- 19#.##2.226.39:23
- 2.###.152.227:23
- 14#.##4.140.127:23
- 10#.##0.54.227:23
- 15#.##3.64.119:23
- 61.###.136.198:23
- 14.###.131.23:23
- 31.##.130.134:23
- 18#.##.245.199:23
- 89.###.39.132:23
- 8.###.251.152:23
- 11#.##2.248.188:23
- 15#.##4.178.226:23
- 98.##6.95.38:23
- 18#.##4.229.187:23
- 20#.##.111.184:23
- 12#.##1.181.157:23
- 38.##.50.147:23
- 10#.##0.227.202:23
- 14.###.62.174:23
- 14#.##7.160.205:23
- 15#.#8.51.18:23
- 40.###.188.44:23
- 11#.##7.37.136:23
- 10#.##.140.19:23
- 1.###.55.112:23
- 92.###.138.246:23
- 18.###.199.140:23
- 17#.##2.95.157:23
- 10#.##3.100.160:23
