TROYANOSYVIRUS
Active Threat โ€ข LOW

195.22.238.211

Country of Origin๐Ÿ‡ฒ๐Ÿ‡ฉ MD
First Detection4/26/2026
Last Activity4/26/2026
ISPOrange Moldova S.A.
๐ŸŽฏ
21
Total Attacks
๐Ÿ”Œ
1
Ports
๐Ÿ“ก
1
Attack Types
๐Ÿฆ 
1
Malware

Geolocation

Country
๐Ÿ‡ฒ๐Ÿ‡ฉ MD
City
Sรฎngera
ASN
AS25454
ISP
Orange Moldova S.A.

Attack Types

ssh_telnet_honeypot

Attacked Ports

23

Associated Malware

a0099d1f27401254f72e...โ†’

Attempted Credentials

๐Ÿ”service/service
1x
๐Ÿ”root/1234567890
1x

Executed Commands

$q2x
$system2x
$shell2x
$cat /proc/mounts; /bin/busybox AAZEM1x
$/bin/busybox AAZEM1x
$dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s1x
$cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox AAZEM1x
$sh1x
$enable1x
$while read i1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
21231024200082918728
Vulnerabilities
CVE-2020-20250CVE-2019-3976CVE-2020-20249CVE-2019-3979CVE-2018-7445CVE-2017-20149CVE-2020-20264CVE-2020-20221CVE-2019-16160CVE-2019-13074CVE-2023-32154CVE-2020-20217CVE-2020-20253CVE-2020-20247CVE-2019-3977CVE-2022-45315CVE-2023-30800CVE-2018-1157CVE-2018-1156CVE-2020-20220
Hostnames
mail.arec.md
CPEs
cpe:/o:mikrotik:routeros:6.27

Risk Assessment

25
/100
LowMediumHighCritical
IP 195.22.238.211 - Detected Threat | TroyanosYVirus.com | TroyanosYVirus.com