⚠TROYANOSYVIRUS
Active Threat β€’ LOW

78.111.30.28

Country of OriginπŸ‡ΊπŸ‡¦ Ukraine
First Detection2/12/2026
Last Activity2/12/2026
ISPPrivate Joint-stock Company farlep-invest
🎯
21
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
1
Malware

Geolocation

Country
πŸ‡ΊπŸ‡¦ Ukraine
City
Kharkiv
ASN
AS6703
ISP
Private Joint-stock Company farlep-invest

Attack Types

cowrie

Attacked Ports

23

Associated Malware

02a2735d57def9ff95f6...β†’

Attempted Credentials

πŸ”admin/7ujMko0admin
1x
πŸ”guest/12345
1x
πŸ”support/support
1x
πŸ”root/Win1doW$
1x

Executed Commands

$system2x
$tftp; wget; /bin/busybox LUOIX1x
$cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox LUOIX1x
$q1x
$sh1x
$enable1x
$rm .s; exit1x
$/bin/busybox LUOIX1x
$shell1x
$dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s1x

Risk Assessment

25
/100
LowMediumHighCritical