Home / malware Linux.Mumblehard
First posted on 08 May 2015.
Source: SymantecAliases :
There are no other names known for Linux.Mumblehard.
Explanation :
Once executed, the Trojan opens a back door on the compromised computer and connects to the following remote locations:
184.106.208.157194.54.81.162194.54.81.163194.54.81.164195.242.70.450.28.24.7967.221.183.105advertise.comadvseedpromoan.combehance.net[http://]195.144.21.122/cgi-bin/hshnet/hns[REMOVED][http://]195.144.21.124/cgi-bin/hshnet/hns[REMOVED][http://]malware-safe.com/cgi-bin/hsh/hns[REMOVED]pratioupstudios.orgseoratingonlyup.net
The Trojan then performs the following actions:
Create new processesSend emailsLast update 08 May 2015
