TROYANOSYVIRUS
Active Threat β€’ LOW

107.175.150.94

First Detection4/24/2026
Last Activity4/24/2026
ISPHostPapa
🎯
29
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
2
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
Buffalo
ASN
AS36352
ISP
HostPapa

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

94f2e4d8d4436874785c...β†’e3d186d97bd1b22dc320...β†’

Attempted Credentials

πŸ”root/ubuntu
1x
πŸ”root/nginx
1x
πŸ”root/linux
1x
πŸ”root/debian
1x
πŸ”root/centos
1x

Executed Commands

$chmod +x ./.2893264530658418284/sshd;nohup ./.2893264530658418284/sshd &1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
224438875222524352495266527954325435
Vulnerabilities
CVE-2026-35414CVE-2023-38408CVE-2008-3844CVE-2007-2768CVE-2024-6387CVE-2023-51385CVE-2023-51767CVE-2023-51384CVE-2025-32728CVE-2023-28531CVE-2023-48795CVE-2025-26465
Hostnames
107-175-150-94-host.colocrossing.com
CPEs
cpe:/a:apache:http_servercpe:/a:openbsd:openssh:8.9

Risk Assessment

25
/100
LowMediumHighCritical