TROYANOSYVIRUS
Amenaza ActivaALTO

197.5.145.8

Pais de Origen🇹🇳 TN
Primera Deteccion9/1/2026
Ultima Actividad11/1/2026
ISPTunisie-Telecom
🎯
644
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
26
Malware

Geolocalizacion

Pais
🇹🇳 TN
Ciudad
Desconocida
ASN
AS327934
ISP
Tunisie-Telecom

Tipos de Ataque

cowrie

Puertos Atacados

22

Malware Asociado

258d27ef446476b91f20...28720365c5e7476a011e...afd0dd76c8d59e416fec...7661439454ecfd6ca983...50e721e49c013f00c62c...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
5x
🔐root/LeitboGi0ro
2x
🔐claude/147258
1x
🔐test/d3pl0y
1x
🔐ubuntu/123456!!
1x
🔐root/0000
1x
🔐vpn/abc12345
1x
🔐root/123456
1x
🔐server/qwe123!@#
1x
🔐test/qaz123
1x
🔐teamspeak/q1w2e3r4t5
1x
🔐ftpuser/Admin123!
1x
🔐root/Server2024
1x
🔐user/abc@123
1x
🔐steam/Qazwsx123
1x

Comandos Ejecutados

$lockr -ia .ssh5x
$top5x
$which ls5x
$lscpu | grep Model5x
$cat /proc/cpuinfo | grep model | grep name | wc -l5x
$cd ~; chattr -ia .ssh; lockr -ia .ssh5x
$uname5x
$cat /proc/cpuinfo | grep name | wc -l5x
$whoami5x
$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'5x

Evaluacion de Riesgo

60
/100
BajoMedioAltoCritico
IP 197.5.145.8 - Amenaza Detectada | TroyanosYVirus.com | TroyanosYVirus.com