TROYANOSYVIRUS
Active ThreatLOW

213.215.209.101

Country of Origin🇮🇹 Italy
First Detection1/4/2026
Last Activity1/4/2026
ISPCOLT Technology Services Group Limited
🎯
14
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
2
Malware

Geolocation

Country
🇮🇹 Italy
City
Rome
ASN
AS8220
ISP
COLT Technology Services Group Limited

Attack Types

cowrie

Attacked Ports

22

Associated Malware

9f06a3cfed61acec3449...94f2e4d8d4436874785c...

Attempted Credentials

🔐root/ubuntu
1x
🔐root/debian
1x

Executed Commands

$chmod +x ./.8444732731144019098/sshd;nohup ./.8444732731144019098/sshd 14.225.230.215 183.193.236.2 103.186.97.118 5.254.57.202 1.62.252.20 23.94.70.51 206.168.214.71 140.249.211.21 115.231.181.61 103.145.145.76 111.22.221.6 156.229.233.208 61.53.69.210 36.66.63.125 182.43.232.199 146.190.175.84 120.133.83.146 124.225.67.32 59.63.189.102 103.149.114.17 146.59.19.172 43.228.78.43 154.201.76.139 124.225.75.209 212.113.112.96 159.203.108.2 125.122.37.39 121.41.95.224 103.252.73.212 101.36.109.45 101x

Risk Assessment

25
/100
LowMediumHighCritical