Skip to content
MalwareWiki

Malware

Janicab

According to Patrick Wardle, this malware persists a python script as a cron job.

According to Patrick Wardle, this malware persists a python script as a cron job. Steps:

  1. Python installer first saves any existing cron jobs into a temporary file named '/tmp/dump'.
  2. Appends its new job to this file.
  3. Once the new cron job has been added 'python (~/.t/runner.pyc)' runs every minute.

Family metadata imported from Malpedia (Fraunhofer FKIE).