ELF_BEIKDOR.W
HEUR:Backdoor.Linux.Ganiw.a(Kaspersky);Linux/Setag.B(ESET-NOD32);Linux/Backdoor.J(AVG)
PLATFORM:
Linux
OVER ALL RISK RATING:
DAMAGE POTENTIAL::
DISTRIBUTION POTENTIAL::
REPORTED INFECTION:
INFORMATION EXPOSURE:
Low
Medium
High
Critical
Threat Type:
Backdoor
Destructiveness:
No
Encrypted:
In the wild::
Yes
OVERVIEW
TECHNICAL DETAILS
File size: 716,936 bytes
File type: ELF
Memory resident: Yes
INITIAL SAMPLES RECEIVED DATE: 16 de мая de 2015
Instalación
Infiltra los archivos siguientes:
- /tmp/notify.file
- /tmp/gates.lock
- /usr/bin/bsd-port/getty.lock
- /tmp/notify.file
- /usr/bin/bsd-port/udevd.lock
- /usr/bin/dpkgd/{module path}
- /tmp/moni.lock
- /tmp/notify.file
SOLUTION
Minimum scan engine: 9.750
First VSAPI Pattern File: 11.672.04
First VSAPI Pattern Release Date: 16 de мая de 2015
VSAPI OPR PATTERN-VERSION: 11.673.00
VSAPI OPR PATTERN DATE: 17 de мая de 2015