Техническая информация
Вредоносные функции:
Запускает себя в качестве демона
Подменяет имя приложения на:
- e38387
Сетевая активность:
Ожидает входящих соединений на портах:
- 127.0.0.1:33337
Устанавливает соединение:
- 8.#.8.8:53
- 10#.#00.5.10:24
Проводит атаку перебором по словарю (брутфорс) по протоколу Telnet.
DNS ASK:
- ro##y.shop
Посылает данные следующим серверам:
- 10#.#00.5.10:24
- 80.##.164.34:23
- 42.###.75.134:23
- 12#.##9.128.82:23
- 12#.#9.190.4:23
- 14#.##7.154.95:23
- 24#.##9.254.120:23
- 15#.##3.191.152:23
- 11#.##.195.121:23
- 54.##.32.10:23
- 16#.##9.199.14:23
- 17#.##.228.142:23
- 24#.##2.39.19:23
- 11#.#8.93.48:23
- 90.###.234.48:23
- 18#.##.196.114:23
- 16#.##5.20.165:23
- 11#.##2.89.127:23
- 11#.#.167.125:23
- 13#.##.236.140:23
- 10#.##6.200.201:23
- 2.###.55.216:23
- 15#.#2.158.2:23
- 99.##.136.26:23
- 14#.##1.44.75:23
- 18#.##1.83.219:23
- 16#.##1.124.18:23
- 25#.##8.115.209:23
- 53.###.190.152:23
- 15#.##3.209.176:23
- 13#.##.106.252:23
- 18#.##4.114.179:23
- 12#.##4.222.206:23
- 23#.##7.221.46:23
- 14#.##6.158.194:23
- 20#.##4.81.11:23
- 77.##.84.60:23
- 57.##.114.6:23
- 14#.##6.188.165:23
- 20#.##.43.156:23
- 19#.##7.224.149:23
- 37.###.111.170:23
- 17#.##.55.155:23
- 14#.##.198.131:23
- 23#.##6.91.87:23
- 10#.##9.153.77:23
- 82.###.212.182:23
- 17#.##5.57.68:23
- 13#.##2.130.119:23
- 19#.##3.136.116:23
- 25.##.56.85:23
- 75.###.110.171:23
- 14#.##4.159.251:23
- 12#.##5.221.243:23
- 17#.#0.105.3:23
- 16#.#46.22.7:23
- 19#.##9.53.231:23
- 17#.##0.115.143:23
- 94.###.106.124:23
- 22#.##3.70.86:23
- 10#.##.201.15:23
- 13#.##8.228.176:23
- 23#.##7.83.166:23
- 20#.##5.44.43:23
- 13#.##2.105.82:23
- 10#.#.213.103:23
- 14#.##.34.244:23
- 19#.##.131.74:23
- 15#.##.234.211:23
- 4.###.132.144:23
- 64.##.107.254:23
- 14#.##.181.218:23
- 69.##.104.38:23
- 19#.#9.24.42:23
- 58.##.210.103:23
- 54.###.239.14:23
- 21#.##5.252.194:23
- 42.###.215.208:23
- 14#.#67.11.2:23
- 46.##.66.7:23
- 15#.##2.122.17:23
- 10#.##6.35.46:23
- 16#.##8.223.48:23
- 22#.##.151.14:23
- 53.##.50.18:23
- 24#.##.115.58:23
- 2.###.153.200:23
- 15#.##.100.155:23
- 22#.##.94.132:23
- 14#.##1.10.95:23
- 16#.##0.137.10:23
- 93.###.149.107:23
- 24#.##8.84.119:23
- 65.##.252.138:23
- 15#.##3.251.22:23
- 17#.##.79.196:23
- 22.###.23.133:23
- 17#.##9.70.30:23
- 14#.##4.44.176:23
- 25#.##.237.50:23
- 11#.##4.54.182:23
- 20#.##9.61.22:23
- 22#.##.218.42:23
- 14#.##7.104.117:23
- 18#.##1.126.84:23
- 38.###.128.254:23
- 24#.##.243.102:23
- 69.##.24.251:23
- 25#.##.117.85:23
- 21#.##5.168.191:23
- 34.##.9.223:23
- 10#.##.24.186:23
- 69.##.179.46:23
- 21#.##2.6.187:23
- 11#.##.140.22:23
- 34.##.3.163:23
- 14#.##3.237.160:23
- 14#.##5.47.196:23
- 23#.##0.67.248:23
- 10#.##4.98.78:23
- 22#.##6.159.105:23
- 24#.#3.207.0:23
- 24#.##.47.236:23
- 25#.##3.128.110:23
- 17#.##0.55.41:23
- 18#.##7.125.133:23
- 15#.##7.70.61:23
- 12#.##.168.239:23
- 63.###.103.123:23
- 21#.##9.213.218:23
- 20#.##2.35.65:23
- 13#.##5.152.149:23
- 10#.#6.7.95:23
- 10#.#7.2.64:23
- 23#.##.76.221:23
- 17#.##5.213.58:23
- 17#.##7.31.74:23
- 18#.##.236.203:23
- 11#.##7.246.205:23
- 12.#.12.47:23
- 45.##.21.178:23
- 16#.#0.106.1:23
- 2.##.87.209:23
- 44.###.109.133:23
- 29.##.41.231:23
- 83.###.222.198:23
- 24#.##.198.23:23
- 12#.##.242.104:23
- 13#.##0.95.244:23
- 40.##.179.137:23
- 77.###.93.217:23
- 2.###.12.65:23
- 55.###.31.201:23
- 44.###.126.73:23
- 2.###.49.109:23
- 18#.##0.245.73:23
- 74.###.200.53:23
- 12#.##.184.79:23
- 15#.##4.197.248:23
- 11#.##5.234.172:23
- 25#.##.175.206:23
- 14.##.223.246:23
- 25#.##5.167.15:23
- 11#.##7.2.190:23
- 20#.##.116.109:23
- 62.###.226.160:23
- 21#.##.126.114:23
- 5.###.33.199:23
- 12#.##8.144.160:23
- 56.##7.29.20:23
- 15#.#0.219.9:23
- 17#.#0.34.11:23
- 68.###.245.159:23
- 22#.##.225.56:23
- 17.##.255.156:23
- 50.#.105.109:23
- 19#.##3.169.57:23
- 52.##.24.53:23
- 33.##.218.141:23
- 14#.#2.9.198:23
- 43.##.142.30:23
- 22#.#5.31.30:23
- 20#.#1.60.35:23
- 61.###.69.163:23
- 57.##0.49.64:23
- 13#.##5.82.159:23
- 11.##.250.222:23
- 18#.##.134.217:23
- 47.##.136.251:23
- 97.###.150.88:23
- 15#.##8.59.100:23
- 33.#.19.142:23
- 78.##1.90.32:23
- 23#.##.149.216:23
- 76.###.119.88:23
- 17#.##7.90.238:23
- 21#.##6.148.166:23
- 13#.#8.222.5:23
- 19#.##.203.174:23
- 40.###.111.239:23
- 23#.##4.132.108:23
- 18#.##.163.233:23
- 24#.##.128.133:23
- 78.##2.22.32:23
- 82.##.2.168:23
- 79.###.244.43:23
- 20#.##.98.105:23
- 48.#.249.234:23
- 37.###.102.219:23
- 16#.##.73.221:23
- 21#.##.203.133:23
- 50.###.216.54:23
- 83.###.212.227:23
- 14#.##6.4.110:23
- 92.##2.19.61:23
- 25.##.73.24:23
- 77.##4.1.138:23
- 78.##.253.173:23
- 24#.##.199.132:23
- 73.###.186.146:23
- 17#.##.208.161:23
- 23#.##.92.120:23
- 25#.##6.49.245:23
- 18#.##0.201.200:23
- 46.#.213.159:23
- 15#.##1.143.72:23
- 19#.#0.28.71:23
- 22#.##.60.132:23
- 22#.##0.166.47:23
- 18#.##.237.180:23
- 19#.##.87.239:23
- 10#.##6.77.103:23
- 74.#.93.177:23
- 71.##4.55.23:23
- 89.###.236.33:23
- 13#.#.157.59:23
- 12#.##.243.19:23
