New detection - Githubissues

CpanelInc / tech-CSI

cPanel Security Scan

Other

42 stars 25 forks source link

New detection #15

Closed JQuags closed 2 years ago

JQuags commented 2 years ago

Running through cron:

- - - - /tmp/system/Linux_amd64 > /dev/null 2>&1

checksums b0c821d33db9c8a00c9d5480f1825082f973af64 Arm_x86 1c8085230f30b578906a7d749e48767a3179b366 Linux_amd64 bad1846c71fc23d28e22c20048f7490fd96c8347 Linux_x86

folder /tmp/system

cPanelPeter commented 2 years ago

Added the sha256sums to known_256hashes, and /tmp/system/Linux_amd64 to suspicious_files.txt file. Did not add /tmp/system by itself as that has been seen on some systems and wasn't considered malicious.

This will go out likely today.