JavaScript support is required for our site to be fully operational in your browser.
Linux.Siggen.1977
Added to the Dr.Web virus database:
2019-07-10
Virus description added:
2019-07-10
Technical Information
To ensure autorun and distribution:
Creates or modifies the following files:
Malicious functions:
Launches processes:
sh -c sed -i -e '/exit/d' /etc/rc.local
sed -i -e /exit/d /etc/rc.local
sh -c sed -i -e '/
sed -i -e /
sh -c sed -i -e '/<SAMPLE> reboot/d' /etc/rc.local
sed -i -e /<SAMPLE> reboot/d /etc/rc.local
sh -c sed -i -e '2 i<SAMPLE_FULL_PATH> reboot' /etc/rc.local
sed -i -e 2 i<SAMPLE_FULL_PATH> reboot /etc/rc.local
sh -c sed -i -e '2 i<SAMPLE_FULL_PATH> reboot start' /etc/rc.d/rc.local
sed -i -e 2 i<SAMPLE_FULL_PATH> reboot start /etc/rc.d/rc.local
sh -c sed -i -e '2 i<SAMPLE_FULL_PATH> reboot start' /etc/init.d/boot.local
sed -i -e 2 i<SAMPLE_FULL_PATH> reboot start /etc/init.d/boot.local
/bin/sh -c ./xxsdwak<SAMPLE>xxs
./xxsdwak<SAMPLE>xxs
Performs operations with the file system:
Modifies file access rights:
/etc/sedsU9FAX
/etc/sedTDqgeg
/etc/sed4nm3Ip
Creates or modifies files:
/etc/sedsU9FAX
/etc/sedTDqgeg
/etc/sed4nm3Ip
/root/xxszznk
/root/xxsdwak<SAMPLE>
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more
OK