⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

179.43.189.36

Country of OriginπŸ‡¨πŸ‡­ CH
First Detection1/16/2026
Last Activity1/16/2026
ISPPrivate Layer INC
🎯
286
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
20
Malware

Geolocation

Country
πŸ‡¨πŸ‡­ CH
City
RΓΌmlang
ASN
AS51852
ISP
Private Layer INC

Attack Types

cowrie

Attacked Ports

22

Associated Malware

3c6b0011fd0b1ba7bad7...β†’ab1fb68311b4d2a71812...β†’f25297859cf0a70af5c0...β†’a28dd0be4d71a20d853d...β†’afd0dd76c8d59e416fec...β†’

Attempted Credentials

πŸ”345gs5662d34/345gs5662d34
2x
πŸ”alex/123456
1x
πŸ”minecraft/123456
1x
πŸ”User2/User2123!
1x
πŸ”redmine/redmine123!
1x
πŸ”vpnuser/Vpnuser123!
1x
πŸ”remote/password123
1x
πŸ”vivek/vivek
1x
πŸ”mongodb/mongodb123
1x
πŸ”neo4j/password123
1x
πŸ”ts3server/password
1x
πŸ”roman/12345678
1x
πŸ”sns/12345678
1x
πŸ”db2admin/123456
1x
πŸ”ts3server/123456
1x

Executed Commands

$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$lscpu | grep Model2x
$lockr -ia .ssh2x
$top2x
$uname -m2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$ls -lh $(which ls)2x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x
$Enter new UNIX password: 2x
$uname -a2x

Risk Assessment

55
/100
LowMediumHighCritical