TROYANOSYVIRUS
Active ThreatHIGH

185.93.89.190

Country of Origin🇮🇷 Iran
First Detection3/18/2026
Last Activity4/10/2026
ISPLimited Network LTD
🎯
1,276
Total Attacks
🔌
100
Ports
📡
5
Attack Types
🦠
0
Malware

Geolocation

Country
🇮🇷 Iran
City
Unknown
ASN
AS213790
ISP
Limited Network LTD

Attack Types

adb_honeypot
malware_capture
ics_scada_honeypot
tcp_trap
credential_capture

Attacked Ports

811080108110821083108810891090118013801480158016801688178018881980200020162019+80

Associated Malware

No associated malware

Attempted Credentials

🔐proxy/proxy
4x
🔐root/root
4x
🔐admin/1234
3x
🔐abc/abc
3x
🔐123456/123456
3x
🔐123456789/123456789
2x
🔐admin/123456
2x
🔐guest/guest
2x
🔐admin/admin
2x
🔐12345/12345
2x
🔐888/888
2x
🔐user/pass
1x
🔐1/1
1x
🔐test/test
1x
🔐admin/1
1x

ThreatFox Intelabuse.ch

⚠️KNOWN C2 SERVER
Malware Families
elf.systembc
Threat Types
botnet_cc
Confidence: 100%

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
6668123
CPEs
cpe:/a:yandex:clickhouse

Risk Assessment

75
/100
LowMediumHighCritical