I installed a CentOS 7 at my Virtual Machine,
As i have installed the antivirus on the machine i found some files in /usr/bin which coming as Malicious content, i backup them and again they generated with another names, and names are randoms. Can someone guide me what kind of files are, is it really any Malicious Script which generating files. below are the files for the reference.
rwxr-xr-x. 1 root root 625889 Jun 14 17:58 zqoppdtajj_bkp_ali #i marked them backup
-rwxr-xr-x. 1 root root 156 Jun 14 17:58 saxquzl.sh_bkp_ali #i marked them backup
-rwxr-xr-x. 1 root root 158 Jun 14 20:19 nntbxqpwp.sh_blk_script #i marked them backup
-rwxr-xr-x. 1 root root 625878 Jun 14 20:19 rpsdbuuyef_bkp_ali #i marked them backup
-rwxr-xr-x. 1 root root 161 Jun 20 13:46 plhurveidhxc.sh_bkp_ali #i marked them backup
-rwxr-xr-x. 1 root root 160 Jun 20 13:47 ezkxscupeqn.sh_bk_ali #i marked them backup
-rwxr-xr-x. 1 root root 562340 Jun 20 13:49 uhrxms
-rwxr-xr-x. 1 root root 155 Jun 20 13:49 smxrhu.sh
-rwxr-xr-x. 1 root root 562340 Jun 20 13:49 smxrhu
-rwxr-xr-x. 1 root root 559794 Jun 20 13:50 zkjqbal
-rwxr-xr-x. 1 root root 559794 Jun 20 13:50 labqjkz
-rwxr-xr-x. 1 root root 156 Jun 20 13:50 labqjkz.sh
inside the smxrhu.sh
#!/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/X11R6/bin
cp "/usr/bin/smxrhu" "/usr/bin/mrpjpymvkc"
"/usr/bin/mrpjpymvkc"
Inside the labqjkz.sh
#!/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/X11R6/bin
cp "/usr/bin/labqjkz" "/usr/bin/ivsuvtlkzx"
"/usr/bin/ivsuvtlkzx"
Thanks in advance.
