⚠TROYANOSYVIRUS
Active Threat β€’ MEDIUM

78.100.165.74

Country of OriginπŸ‡ΆπŸ‡¦ QA
First Detection1/20/2026
Last Activity1/20/2026
ISPOoredoo Q.S.C.
🎯
552
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
27
Malware

Geolocation

Country
πŸ‡ΆπŸ‡¦ QA
City
Doha
ASN
AS8781
ISP
Ooredoo Q.S.C.

Attack Types

cowrie

Attacked Ports

22

Associated Malware

28ba533b0f3c4df63d6b...β†’afd0dd76c8d59e416fec...β†’95df9ab820c0b94e8741...β†’218cc4b9cfba988ede4a...β†’36bac83310e8f55d2d90...β†’

Attempted Credentials

πŸ”345gs5662d34/345gs5662d34
6x
πŸ”root/root
2x
πŸ”root/3245gs5662d34
2x
πŸ”dis/dis2025
1x
πŸ”elias/elias
1x
πŸ”davide/123456
1x
πŸ”tommy/3245gs5662d34
1x
πŸ”router/router2025
1x
πŸ”copy/copy@123
1x
πŸ”ankit/ankit123
1x
πŸ”liferay/123
1x
πŸ”qq/123
1x
πŸ”diana/diana
1x
πŸ”kvm/kvm2025
1x
πŸ”tommy/123456
1x

Executed Commands

$cd ~; chattr -ia .ssh; lockr -ia .ssh6x
$ls -lh $(which ls)6x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'6x
$uname -a6x
$cat /proc/cpuinfo | grep name | wc -l6x
$crontab -l6x
$cat /proc/cpuinfo | grep model | grep name | wc -l6x
$which ls6x
$uname6x
$whoami6x

Risk Assessment

55
/100
LowMediumHighCritical