⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

52.159.244.161

First Detection1/24/2026
Last Activity1/24/2026
ISPMicrosoft Corporation
🎯
507
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
7
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
San Jose
ASN
AS8075
ISP
Microsoft Corporation

Attack Types

cowrie

Attacked Ports

22

Associated Malware

352110e27ca54240da15...β†’f25297859cf0a70af5c0...β†’91c62597f6c0193f5f03...β†’ac139ad519fe89a3a446...β†’7063dece7cccf374d9fa...β†’

Attempted Credentials

πŸ”root/myserver123
4x
πŸ”root/key3
4x
πŸ”root/123
4x
πŸ”root/1secret?
4x
πŸ”root/key1
4x
πŸ”root/key2
4x
πŸ”root/1234
4x
πŸ”root/jqk
4x
πŸ”root/1234567
4x
πŸ”root/1212
4x
πŸ”root/key5
4x
πŸ”root/123myserver
4x
πŸ”root/Qwerty1?
4x
πŸ”root/12345678
3x
πŸ”root/cc
3x

Executed Commands

$pwd1x
$whoami1x
$nproc 2>/dev/null || (grep -c '^processor' /proc/cpuinfo 2>/dev/null) || echo 01x
$hostname1x
$ssh -V 2>&11x
$ls -la /1x
$grep -c ^processor /proc/cpuinfo 2 > /dev/null1x
$uname -m 2>/dev/null || echo unknown1x

Risk Assessment

55
/100
LowMediumHighCritical