⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

172.214.44.213

First Detection1/16/2026
Last Activity1/16/2026
ISPMICROSOFT-CORP-MSN-AS-BLOCK
🎯
369
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
4
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
Washington
ASN
AS8075
ISP
MICROSOFT-CORP-MSN-AS-BLOCK

Attack Types

cowrie

Attacked Ports

22

Associated Malware

f25297859cf0a70af5c0...β†’013e4f878c37bf7d147c...β†’7063dece7cccf374d9fa...β†’28ba533b0f3c4df63d6b...β†’

Attempted Credentials

πŸ”root/zhaohao1234
5x
πŸ”root/12
5x
πŸ”root/1212
5x
πŸ”root/Qwerty123?
5x
πŸ”root/12345678
5x
πŸ”root/Qwerty1?
5x
πŸ”root/1234
5x
πŸ”root/1234567
4x
πŸ”root/myserver123
4x
πŸ”root/123myserver
4x
πŸ”root/1secret?
4x
πŸ”root/aliyun
4x
πŸ”root/123456
4x
πŸ”root/1
4x
πŸ”root/123
3x

Executed Commands

$uname -a2x
$hostname1x
$grep 'model name' /proc/cpuinfo 2>/dev/null | head -1 | cut -d ':' -f2- | sed 's/^ *//' | xargs || echo unknown1x
$whoami1x
$grep model name /proc/cpuinfo 2 > /dev/null | head -1 | cut -d : -f2- | sed s/^ *// | xargs1x

Risk Assessment

50
/100
LowMediumHighCritical