TROYANOSYVIRUS
Active ThreatMEDIUM

62.28.222.221

Country of Origin🇵🇹 PT
First Detection1/6/2026
Last Activity1/6/2026
ISPServicos De Comunicacoes E Multimedia S.A.
🎯
302
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
20
Malware

Geolocation

Country
🇵🇹 PT
City
Unknown
ASN
AS15525
ISP
Servicos De Comunicacoes E Multimedia S.A.

Attack Types

cowrie

Attacked Ports

22

Associated Malware

3c78b4096cc501ff2ab8...0598d30df6ce93c8c60a...28720365c5e7476a011e...afd0dd76c8d59e416fec...50e721e49c013f00c62c...

Attempted Credentials

🔐345gs5662d34/345gs5662d34
2x
🔐claude/3245gs5662d34
2x
🔐root/Aa123123123
1x
🔐root/Az123456.
1x
🔐claude/claude
1x
🔐root/root
1x
🔐root/Sw@123456
1x
🔐root/Wl123456789
1x
🔐user/p@ssw0rd
1x
🔐root/Qw123456
1x
🔐root/13241324
1x
🔐root/suporte
1x
🔐claude/1234567
1x
🔐root/Abc@123456789
1x
🔐root/password111
1x

Executed Commands

$uname -m2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$cat /proc/cpuinfo | grep name | wc -l2x
$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$which ls2x
$lscpu | grep Model2x
$Enter new UNIX password:2x
$uname2x
$whoami2x
$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'2x

Risk Assessment

55
/100
LowMediumHighCritical