TROYANOSYVIRUS
Amenaza ActivaMEDIO

38.22.160.113

Pais de Origen🇲🇽 Mexico
Primera Deteccion21/1/2026
Ultima Actividad21/1/2026
ISPFiberwifi SA de CV
🎯
284
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
20
Malware

Geolocalizacion

Pais
🇲🇽 Mexico
Ciudad
Guadalajara
ASN
AS270133
ISP
Fiberwifi SA de CV

Tipos de Ataque

cowrie

Puertos Atacados

22

Malware Asociado

28ba533b0f3c4df63d6b...afd0dd76c8d59e416fec...95df9ab820c0b94e8741...3f1f9a5db692d999bb3d...09a3e612f8cad1560057...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
2x
🔐int/int123!
1x
🔐oscommerce/oscommerce@123
1x
🔐root/root
1x
🔐maintain/maintain
1x
🔐redis1/redis1123
1x
🔐nginx/nginx
1x
🔐wrk/wrk2025
1x
🔐pradeep/pradeep@123
1x
🔐stack/stack@123
1x
🔐krishna/krishna123
1x
🔐sinus/sinusbot
1x
🔐nico/123
1x
🔐ll/123456
1x
🔐admin/admin
1x

Comandos Ejecutados

$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$lockr -ia .ssh2x
$top2x
$uname -m2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$lscpu | grep Model2x
$ls -lh $(which ls)2x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x
$Enter new UNIX password: 2x
$uname -a2x

Evaluacion de Riesgo

55
/100
BajoMedioAltoCritico