TROYANOSYVIRUS
Ameaca AtivaMEDIO

198.2.193.50

Primeira Deteccao31/03/2026
Ultima Atividade31/03/2026
ISPPEG TECH INC
🎯
163
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
20
Malware

Geolocalizacao

Pais
🇺🇸 Estados Unidos
Cidade
San Jose
ASN
AS54600
ISP
PEG TECH INC

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

01ba4719c80b6fe911b0...09a3e612f8cad1560057...28720365c5e7476a011e...28ba533b0f3c4df63d6b...3f1f9a5db692d999bb3d...

Credenciais Tentadas

🔐root/temp1
1x
🔐root/ted
1x
🔐root/123QWEqwe@
1x
🔐root/Mac2025
1x
🔐root/P@SSw0rd
1x
🔐root/3245gs5662d34
1x
🔐root/ys123456
1x
🔐root/a123456?
1x
🔐root/1234567891011
1x
🔐root/yang5202414
1x
🔐root/zzxxcc123
1x
🔐root/1Qaz2Wsx3Edc
1x
🔐root/1qazxdr5^&*(
1x
🔐root/mas@2026
1x
🔐root/digital
1x

Comandos Executados

$lscpu | grep Model1x
$ls -lh $(which ls)1x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x
$uname -a1x
$w1x
$cat /proc/cpuinfo | grep name | wc -l1x
$crontab -l1x
$cat /proc/cpuinfo | grep model | grep name | wc -l1x
$which ls1x
$uname1x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
2280443
Vulnerabilidades
CVE-2012-2912CVE-2010-4277CVE-2011-3853CVE-2010-4630CVE-2009-4748CVE-2012-2913CVE-2016-20012CVE-2009-2299CVE-2009-4169CVE-2012-4001CVE-2025-26465CVE-2009-2852CVE-2011-3863CVE-2011-3981CVE-2008-7175CVE-2012-4360CVE-2011-3859CVE-2013-2765CVE-2007-4723CVE-2011-3854
CPEs
cpe:/a:php:php:8.3.28cpe:/a:apache:http_server:2.4.65cpe:/a:openbsd:openssh:8.7cpe:/a:wordpress:wordpress:6.8.3cpe:/a:jquery:jquerycpe:/o:debian:debian_linuxcpe:/a:mysql:mysql

Avaliacao de Risco

55
/100
BaixoMedioAltoCritico