Active Threat • MEDIUM

161.248.201.228

Country of Origin🇧🇩 Bangladesh

First Detection1/16/2026

Last Activity1/16/2026

ISPExtentIT Solution Limited

🎯

348

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇧🇩 Bangladesh
City: Dhaka
ASN: AS153528
ISP: ExtentIT Solution Limited

Attack Types

cowrie

Attacked Ports

Associated Malware

ab1fb68311b4d2a71812...→c316de78a8db1da6eb01...→f25297859cf0a70af5c0...→a28dd0be4d71a20d853d...→afd0dd76c8d59e416fec...→

Attempted Credentials

🔐345gs5662d34/345gs5662d34

🔐dbsnmp/dbsnmp2026

🔐vps/vps123!

🔐ftpuser/ZYPCOM

🔐sage/1

🔐liberty/liberty2026

🔐peoplesoft/Password1

🔐carel/3245gs5662d34

🔐cloud/12345678

🔐mail/mail@1234

🔐carel/carel2026

🔐hp/123

🔐superuser/superuser2026

🔐jenkinsadmin/P@ssw0rd

🔐jdedwards/jdedwards

Executed Commands

$uname3x

$whoami3x

$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'3x

$cd ~; chattr -ia .ssh; lockr -ia .ssh3x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'3x

$Enter new UNIX password: 3x

$uname -a3x

$w3x

$cat /proc/cpuinfo | grep name | wc -l3x

$uname -m3x

Risk Assessment

/100

LowMediumHighCritical