⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

104.168.56.59

First Detection1/2/2026
Last Activity1/2/2026
ISPAS-COLOCROSSING
🎯
198
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
19
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
Buffalo
ASN
AS36352
ISP
AS-COLOCROSSING

Attack Types

cowrie

Attacked Ports

22

Associated Malware

a8460f446be540410004...β†’28720365c5e7476a011e...β†’afd0dd76c8d59e416fec...β†’50e721e49c013f00c62c...β†’f25297859cf0a70af5c0...β†’

Attempted Credentials

πŸ”tempftp/P@ssw0rd
1x
πŸ”andrew/123
1x
πŸ”mythtv/P@ssw0rd
1x
πŸ”grid/grid123
1x
πŸ”hydra/hydra@123
1x
πŸ”orange/1
1x
πŸ”hostmaster/hostmaster@123
1x
πŸ”user3/1
1x
πŸ”vsftpd/vsftpd@123
1x
πŸ”developer/developer
1x
πŸ”node/node2025
1x
πŸ”test101/password
1x
πŸ”katja/123
1x
πŸ”windows/P@ssw0rd
1x
πŸ”demouser/demouser2025
1x

Executed Commands

$crontab -l1x
$cat /proc/cpuinfo | grep model | grep name | wc -l1x
$which ls1x
$lscpu | grep Model1x
$Enter new UNIX password:1x
$uname1x
$whoami1x
$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'1x
$echo -e "1\nSA5jvvJTdw0w\nSA5jvvJTdw0w"|passwd|bash1x
$ls -lh $(which ls)1x

Risk Assessment

55
/100
LowMediumHighCritical