โš TROYANOSYVIRUS
Active Threat โ€ข LOW

185.134.98.108

Country of Origin๐Ÿ‡ฎ๐Ÿ‡ท Iran
First Detection2/21/2026
Last Activity2/21/2026
ISPYaghoot Pars Asia Cooperative Company
๐ŸŽฏ
20
Total Attacks
๐Ÿ”Œ
1
Ports
๐Ÿ“ก
1
Attack Types
๐Ÿฆ 
1
Malware

Geolocation

Country
๐Ÿ‡ฎ๐Ÿ‡ท Iran
City
Unknown
ASN
AS50749
ISP
Yaghoot Pars Asia Cooperative Company

Attack Types

cowrie

Attacked Ports

23

Associated Malware

75a04aec73f4c18f5f61...โ†’

Attempted Credentials

๐Ÿ”tech/tech
1x
๐Ÿ”admin/123456
1x
๐Ÿ”root/1001chin
1x

Executed Commands

$shell2x
$q2x
$enable1x
$system1x
$rm .s; exit1x
$cat /proc/mounts; /bin/busybox WDMQA1x
$dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s1x
$tftp; wget; /bin/busybox WDMQA1x
$cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox WDMQA1x
$while read i1x

Risk Assessment

25
/100
LowMediumHighCritical