TROYANOSYVIRUS
Amenaza ActivaMEDIO

66.116.205.1

Pais de Origen🇮🇳 India
Primera Deteccion9/1/2026
Ultima Actividad6/5/2026
ISPORACLE-BMC-31898
🎯
44
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
3
Malware

Geolocalizacion

Pais
🇮🇳 India
Ciudad
Mumbai
ASN
AS31898
ISP
ORACLE-BMC-31898

Tipos de Ataque

ssh_telnet_honeypot

Puertos Atacados

22

Malware Asociado

28ba533b0f3c4df63d6b...94f2e4d8d4436874785c...b0b99832969a1cb15c27...

Credenciales Intentadas

🔐root/ubuntu
1x
🔐root/debian
1x

Comandos Ejecutados

$chmod +x ./.3745114224229682595/sshd;nohup ./.3745114224229682595/sshd 50.6.228.52 218.205.37.160 123.58.212.100 43.252.230.102 139.9.213.204 122.228.86.100 180.76.168.116 103.210.22.17 112.28.209.102 103.121.91.144 120.92.105.170 0.0.0.0 116.128.243.59 91.132.142.253 42.51.49.239 183.56.198.150 120.92.10.155 116.169.58.224 183.236.48.45 172.245.43.228 221.10.21.25 101.237.38.4 177.136.246.131 46.101.107.202 43.226.36.171 50.6.231.130 42.4.63.120 114.218.57.21 59.63.188.245 141.148.140.182 106.11x

Exposicion segun Shodan InternetDBShodan

Datos de InternetDB, actualizacion no en tiempo real

Puertos
224432222
Vulnerabilidades
CVE-2007-4723CVE-2022-22719CVE-2025-23048CVE-2022-29404CVE-2022-26377CVE-2025-59775CVE-2024-47252CVE-2024-38476CVE-2022-30556CVE-2025-49812CVE-2022-23943CVE-2022-28615CVE-2011-1176CVE-2025-66200CVE-2009-2299CVE-2024-39573CVE-2012-4001CVE-2024-38474CVE-2023-25690CVE-2023-27522
Hostnames
server.internalapp.comess.greenifit.com
CPEs
cpe:/a:openbsd:openssh:8.9p1cpe:/o:canonical:ubuntu_linuxcpe:/a:apache:http_server:2.4.52

Evaluacion de Riesgo

40
/100
BajoMedioAltoCritico
IP 66.116.205.1 - Amenaza Detectada | TroyanosYVirus.com