TROYANOSYVIRUS
Ameaca AtivaALTO

103.49.239.156

Pais de Origem🇮🇩 Indonesia
Primeira Deteccao27/02/2026
Ultima Atividade02/04/2026
ISPPT Cloud Hosting Indonesia
🎯
800
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
31
Malware

Geolocalizacao

Pais
🇮🇩 Indonesia
Cidade
Desconhecida
ASN
AS136052
ISP
PT Cloud Hosting Indonesia

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

01ba4719c80b6fe911b0...09a3e612f8cad1560057...0ab3bcace2c3a95c8d9f...221b540c5fe3dc5f952e...284f50db13f29f6ad70b...

Credenciais Tentadas

🔐345gs5662d34/345gs5662d34
5x
🔐abb/password
1x
🔐root/Aa666666
1x
🔐root/abc123!@#..
1x
🔐ali/3245gs5662d34
1x
🔐root/root@toor
1x
🔐sky/12345678
1x
🔐root/Apple123
1x
🔐root/peanut
1x
🔐root/ZAQ!@WSXcde3
1x
🔐kirill/3245gs5662d34
1x
🔐root/p@sSW0Rd
1x
🔐postgres/pgadmin
1x
🔐wireguard/3245gs5662d34
1x
🔐root/Jaydell98
1x

Comandos Executados

$Enter new UNIX password:8x
$lscpu | grep Model5x
$ls -lh $(which ls)5x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'5x
$uname -a5x
$cd ~; chattr -ia .ssh; lockr -ia .ssh5x
$cat /proc/cpuinfo | grep model | grep name | wc -l5x
$which ls5x
$uname5x
$whoami5x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
212280443330633060
Vulnerabilidades
CVE-2024-24795CVE-2022-30556CVE-2013-4365CVE-2025-66200CVE-2025-53020CVE-2023-27522CVE-2022-31813CVE-2024-47252CVE-2025-59775CVE-2025-23048CVE-2024-38473CVE-2024-43394CVE-2024-27316CVE-2006-20001CVE-2023-38709CVE-2012-4360CVE-2022-22719CVE-2024-43204CVE-2025-55753CVE-2022-28614
Hostnames
aslms.smktibaliglobalsingaraja.sch.idwww.aslms.smktibaliglobalsingaraja.sch.idip103-49-239-156.cloudhost.web.id
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:apache:http_server:2.4.52cpe:/a:oracle:mysql:8.0.45-0ubuntu0.22.04.1cpe:/a:openbsd:openssh:8.9p1

Avaliacao de Risco

65
/100
BaixoMedioAltoCritico