Backdoor.Linux.BASHLITE.SMJC2

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Ejecuta comandos desde un usuario remoto malicioso que pone en peligro el sistema afectado.

Detalles de entrada

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Rutina de puerta trasera

Ejecuta los comandos siguientes desde un usuario remoto malicioso:

• UDP - UDP flood
• TCP - TCP flood
• HEX - UDP HEX flood
• STOP - STOP bot operation

Otros detalles

Hace lo siguiente:

• Checks for the following folder to know architecture:
  • /usr/bin/apt-get - Ubuntu
  • /usr/lib/portage - Gentoo
  • /usr/bin/yum - CentOS
  • /usr/share/YaST2 - OpenSUSE
  • /usr/local/etc/pkg - FreeBSD
  • /etc/dropbear/ - Dropbear
  • /etc/opkg - OpenWRT