Avast detects this as ELF:Mirai-HU [Trj]

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
Avast detects this as ELF:Mirai-HU [Trj]

« previous next »

Print

Pages: [1] Go Down

Author Topic: Avast detects this as ELF:Mirai-HU [Trj] (Read 731 times)

0 Members and 1 Guest are viewing this topic.

polonus

Avast Überevangelist
Probably Bot
Posts: 33905
malware fighter

Avast detects this as ELF:Mirai-HU [Trj]

« on: March 03, 2019, 06:32:24 PM »

Where we met with it: https://urlhaus.abuse.ch/url/150271/
More info: https://www.shodan.io/host/67.205.130.217
and we see excessive info proliferation: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.2
Re: https://www.virustotal.com/#/url/3fdf287bca6eee522462cf4fc4047c4590c467fbbec8cb042ffb5ea675cb14c5/detection
Re: https://www.virustotal.com/#/ip-address/67.205.130.217
and https://www.virustotal.com/#/file/4a274428b5b7c42e911a8d04e022c5448462b48d9dee41553c9280c8d04b90ed/detection
has -shstrtab.init.text.fini.rodata.ctors.dtors.data.sdata.sbss.bss -> https://pastebin.com/vqSPkJzb
also consider link: -http://c-1e9371d5.09-708-73746f39.bbcust.telenor.se/nobody/login.js?noCache
Missed here: https://urlquery.net/report/abf8059c-3ceb-4ec4-a2d0-efa7c2747122

polonus (volunteer website security analyst and website error-hunter)

« Last Edit: March 03, 2019, 06:39:12 PM by polonus »

Logged

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Print

Pages: [1] Go Up

« previous next »

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
Avast detects this as ELF:Mirai-HU [Trj]

SMF 2.0.18 | SMF © 2015, Simple Machines
XHTML
RSS
WAP2

Page created in 0.045 seconds with 21 queries.