Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Mirai
This is a machine learning-based detection for a variant of the Mirai botnet malware targeting Linux systems. The malware attempts to connect to command-and-control servers, incorporating the compromised device into a botnet primarily used for launching distributed denial-of-service (DDoS) attacks.
No detailed analysis available from definition files.
42a946158cdafcee373f6858544a245baa444e929ce7ac9a8354ba183d790c7480adb2072d1fb20ab3bfc9fc335a80bbe226141fa845f36825783018dff74ceb80bb6b65909568114e8d9064e1fabb0cde1bc94eedbe4b80c079a27b93ef6aa2c2f4518e62789b2be4f4f564de11f78af2a197b2297639e29f23602288f19ef900f48d37e38660b1f745bacd36e897a742466cdb44c775946adbce07d88e9df1Isolate the affected Linux host from the network to prevent further communication. Ensure the detected file (/tmp/gdrg) has been removed and investigate the initial access vector by changing all default or weak credentials and patching relevant services.