TROYANOSYVIRUS
Active Threat β€’ HIGH

192.109.200.237

Country of OriginπŸ‡ΈπŸ‡ͺ SE
First Detection3/23/2026
Last Activity4/20/2026
ISPPfcloud UG (haftungsbeschrankt)
🎯
6,300
Total Attacks
πŸ”Œ
3
Ports
πŸ“‘
3
Attack Types
🦠
1
Malware

Geolocation

Country
πŸ‡ΈπŸ‡ͺ SE
City
Stockholm
ASN
AS51396
ISP
Pfcloud UG (haftungsbeschrankt)

Attack Types

tcp_trap
ssh_telnet_honeypot
web_honeypot

Attacked Ports

2280443

Associated Malware

7ab552f01de999cb1209...β†’

Attempted Credentials

πŸ”user10/user10
2x
πŸ”mongodb/mongodb
2x
πŸ”kali/kali
2x
πŸ”aiuser/123456
2x
πŸ”root/Aa1234567890
2x
πŸ”private/private
2x
πŸ”kamran/kamran
2x
πŸ”root/Pass@123
2x
πŸ”root/4r3e2w1q
2x
πŸ”tidb/tidb
2x
πŸ”www/123456
2x
πŸ”amine/amine
2x
πŸ”cursor/cursor
2x
πŸ”test/test!@
2x
πŸ”root/Abc12345
2x

Executed Commands

$uname -s -v -n -r -m2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
338959855986
Hostnames
dutok.ptr.network

Risk Assessment

70
/100
LowMediumHighCritical