TROYANOSYVIRUS
Active Threat β€’ MEDIUM

89.22.235.124

Country of OriginπŸ‡ΈπŸ‡ͺ SE
First Detection4/6/2026
Last Activity4/8/2026
ISPAeza Group LLC
🎯
616
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
1
Malware

Geolocation

Country
πŸ‡ΈπŸ‡ͺ SE
City
Stockholm
ASN
AS210644
ISP
Aeza Group LLC

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

7ab552f01de999cb1209...β†’

Attempted Credentials

πŸ”centos/123456
3x
πŸ”user1/user1
3x
πŸ”root/123456
2x
πŸ”root/4e2q1w3r
2x
πŸ”sugi/sugi
2x
πŸ”centos/centos
2x
πŸ”sonar/sonar123
2x
πŸ”oracle/!QAZ@wsx
2x
πŸ”tom/tom123
2x
πŸ”pi/pi
2x
πŸ”sonar/sonar
2x
πŸ”deploy/deploy
2x
πŸ”es/es123456
2x
πŸ”docker/docker123
2x
πŸ”elasticsearch/123456
1x

Executed Commands

$uname -s -v -n -r -m3x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
221080
Hostnames
reserved-by-avm.ptr.networkacoustic-downtown.ptr.network
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:9.6p1

Risk Assessment

50
/100
LowMediumHighCritical