TROYANOSYVIRUS
Amenaza ActivaALTO

49.248.75.174

Pais de Origen🇮🇳 India
Primera Deteccion18/3/2026
Ultima Actividad19/3/2026
ISPTata Teleservices Maharashtra Ltd
🎯
432
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
27
Malware

Geolocalizacion

Pais
🇮🇳 India
Ciudad
Pune
ASN
AS17762
ISP
Tata Teleservices Maharashtra Ltd

Tipos de Ataque

ssh_telnet_honeypot

Puertos Atacados

22

Malware Asociado

0359edd7b37f810b89a3...09a3e612f8cad1560057...27006ac38a9614fffe4d...28720365c5e7476a011e...28ba533b0f3c4df63d6b...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
2x
🔐samp/12345678
1x
🔐amir/123
1x
🔐matt/matt@123
1x
🔐tele/3245gs5662d34
1x
🔐tele/teletele
1x
🔐root/Killer123
1x
🔐samp/3245gs5662d34
1x
🔐odoo11/123
1x
🔐king/123
1x
🔐root/258369147
1x
🔐andrew/andrew@123
1x
🔐adminuser/adminuser@123456
1x
🔐zookeeper/password
1x
🔐gy/Gy123
1x

Comandos Ejecutados

$Enter new UNIX password:4x
$ls -lh $(which ls)2x
$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$cat /proc/cpuinfo | grep name | wc -l2x
$crontab -l2x
$uname2x
$lockr -ia .ssh2x
$top2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$lscpu | grep Model2x

Exposicion segun Shodan InternetDBShodan

Datos de InternetDB, actualizacion no en tiempo real

Puertos
443143333063389444354329000
Vulnerabilidades
CVE-2024-24795CVE-2022-30556CVE-2013-4365CVE-2025-66200CVE-2025-53020CVE-2023-27522CVE-2022-31813CVE-2024-47252CVE-2025-59775CVE-2025-23048CVE-2024-38473CVE-2024-43394CVE-2024-27316CVE-2006-20001CVE-2023-38709CVE-2012-4360CVE-2022-22719CVE-2024-43204CVE-2025-55753CVE-2022-28614
Hostnames
static-174.75.248.49-tataidc.co.inosplabs.inmoodle.ospbiz.com
CPEs
cpe:/a:postgresql:postgresqlcpe:/a:mariadb:mariadb:10.11.14-MariaDB-ubu2204cpe:/a:apache:http_server:2.4.52cpe:/a:microsoft:sql_server:16.0.4185.0

Evaluacion de Riesgo

60
/100
BajoMedioAltoCritico