JavaScript support is required for our site to be fully operational in your browser.
Linux.Mirai.3991
Added to the Dr.Web virus database:
2020-03-19
Virus description added:
2020-03-19
Technical Information
Malicious functions:
Substitutes application name for:
Kills system processes:
Kills the following processes:
dhclient
rpcbind
rpc.statd
rpc.idmapd
atd
cron
systemd-logind
rsyslogd
acpid
Network activity:
Establishes connection:
10#.##8.113.17:1149
8.#.8.8:53
20#.###.249.113:6656
21#.#.194.242:6656
23.###.20.225:6656
17#.##.76.124:6656
58.###.223.6:44808
14#.###.134.211:44808
15#.###.107.145:44808
17#.##.247.94:44808
16#.###.164.129:6656
50.##.199.97:10531
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Attacks using a special dictionary (brute-force technique) via an undefined protocol.
Sends data to the following servers:
10#.##8.113.17:1149
66.###.89.244:2223
22#.##0.7.21:2323
87.#.#80.66:9001
40.###.170.171:9001
19#.##.131.255:9000
Receives data from the following servers:
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more
OK