⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

103.161.16.196

First Detection1/19/2026
Last Activity2/28/2026
ISPOVH SAS
🎯
94
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
3
Malware

Geolocation

Country
πŸ‡ΈπŸ‡¬ Singapore
City
Unknown
ASN
AS16276
ISP
OVH SAS

Attack Types

cowrie

Attacked Ports

22

Associated Malware

94f2e4d8d4436874785c...β†’d935ef790b20151118c1...β†’fdb5b69b13768ede6df4...β†’

Attempted Credentials

πŸ”root/debian
4x
πŸ”root/centos
4x
πŸ”root/ubuntu
4x
πŸ”root/linux
3x
πŸ”root/nginx
1x

Executed Commands

$chmod +x ./.779871307078733471/sshd;nohup ./.779871307078733471/sshd 36.137.79.219 117.140.51.59 185.242.3.56 34.131.88.157 34.100.208.32 209.97.176.4 84.247.138.193 122.10.115.18 134.122.155.131 72.5.43.160 180.76.105.108 69.87.207.133 43.143.159.39 183.7.107.29 134.122.177.2 125.212.248.44 34.146.66.215 188.166.211.175 64.23.173.180 183.62.159.92 85.133.225.7 123.155.247.252 154.82.73.111 161.97.187.226 69.87.207.135 45.55.30.94 8.215.69.171 158.51.96.38 202.129.205.122 50.6.4.160 85.133.145.11x

Risk Assessment

50
/100
LowMediumHighCritical