TROYANOSYVIRUS
Ameaca AtivaALTO

129.159.149.21

Pais de Origem🇮🇱 IL
Primeira Deteccao06/04/2026
Ultima Atividade15/04/2026
ISPOracle Corporation
🎯
301
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
9
Malware

Geolocalizacao

Pais
🇮🇱 IL
Cidade
Jerusalem
ASN
AS31898
ISP
Oracle Corporation

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

1d6f385dd0e7ccc3ada3...28ba533b0f3c4df63d6b...3e8341eade715d716ae9...3fabfde4895f276b5d24...4e9fdfe29ef2ada08ab1...

Credenciais Tentadas

🔐root/admin
4x
🔐root/root
4x
🔐root/guest
3x
🔐root/12345
3x
🔐test/test
2x
🔐root/ubuntu
2x
🔐root/test
2x
🔐root/toor
2x
🔐root/pfsense
2x
🔐root/123
2x
🔐root/qwerty
2x
🔐root/1234
2x
🔐root/5nWt3P-fF4WosQm5O
2x
🔐root/2glehe5t24th1issZs
2x
🔐root/hlL0mlNAabiR
2x

Comandos Executados

$/ip cloud print6x
$uname -a3x
$ls -la ~/.local/share/TelegramDesktop/tdata /home/*/.local/share/TelegramDesktop/tdata /dev/ttyGSM* /dev/ttyUSB-mod* /var/spool/sms/* /var/log/smsd.log /etc/smsd.conf* /usr/bin/qmuxd /var/qmux_connect_socket /etc/config/simman /dev/modem* /var/config/sms/*3x
$ifconfig3x
$ps | grep '[Mm]iner'3x
$ps -ef | grep '[Mm]iner'3x
$echo Hi | cat -n3x
$locate D877F783D5D3EF8Cs3x
$cat /proc/cpuinfo3x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
22
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:9.6p1

Avaliacao de Risco

65
/100
BaixoMedioAltoCritico