Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Avast detects this as ELF:Mirai-HU [Trj]
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Avast detects this as ELF:Mirai-HU [Trj] (Read 738 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33925
malware fighter
Avast detects this as ELF:Mirai-HU [Trj]
«
on:
March 03, 2019, 06:32:24 PM »
Where we met with it:
https://urlhaus.abuse.ch/url/150271/
More info:
https://www.shodan.io/host/67.205.130.217
and we see excessive info proliferation: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.2
Re:
https://www.virustotal.com/#/url/3fdf287bca6eee522462cf4fc4047c4590c467fbbec8cb042ffb5ea675cb14c5/detection
Re:
https://www.virustotal.com/#/ip-address/67.205.130.217
and
https://www.virustotal.com/#/file/4a274428b5b7c42e911a8d04e022c5448462b48d9dee41553c9280c8d04b90ed/detection
has -shstrtab.init.text.fini.rodata.ctors.dtors.data.sdata.sbss.bss ->
https://pastebin.com/vqSPkJzb
also consider link: -http://c-1e9371d5.09-708-73746f39.bbcust.telenor.se/nobody/login.js?noCache
Missed here:
https://urlquery.net/report/abf8059c-3ceb-4ec4-a2d0-efa7c2747122
polonus (volunteer website security analyst and website error-hunter)
«
Last Edit: March 03, 2019, 06:39:12 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Avast detects this as ELF:Mirai-HU [Trj]