HEUR:HackTool.Linux.XHide.a (KASPERSKY), PUA.Linux.Hacktool, PUA.Linux.Hacktool, PUA.Linux.Hacktool (IKARUS)
Dropped by other malware
This Trojan may be downloaded by other malware/grayware from remote sites.
It requires its main component to successfully perform its intended routine. It deletes itself after execution.
06 Jan 2020
Connects to URLs/IPs, Collects system information, Steals information
This Trojan may be downloaded by the following malware/grayware from remote sites:
This Trojan adds the following processes:
Other System Modifications
This Trojan deletes the following files:
This Trojan gathers the following data:
This Trojan sends the gathered information via HTTP POST to the following URL:
This Trojan connects to the following URL(s) to get the affected system's IP address:
It requires its main component to successfully perform its intended routine.
It does the following:
It deletes itself after execution.
08 Jan 2020
09 Jan 2020
Scan your computer with your Trend Micro product to delete files detected as Trojan.Linux.MALXMR.UWEJS. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check the following Trend Micro Support pages for more information: