TROYANOSYVIRUS
Ameaca AtivaMEDIO

202.61.193.143

Pais de Origem🇩🇪 Alemania
Primeira Deteccao11/04/2026
Ultima Atividade11/04/2026
ISPnetcup GmbH
🎯
367
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
22
Malware

Geolocalizacao

Pais
🇩🇪 Alemania
Cidade
Nuremberg
ASN
AS197540
ISP
netcup GmbH

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

01ba4719c80b6fe911b0...09a3e612f8cad1560057...1ea8dd1ac2742b702aaf...28720365c5e7476a011e...28ba533b0f3c4df63d6b...

Credenciais Tentadas

🔐345gs5662d34/345gs5662d34
2x
🔐steam/Steam17
1x
🔐user1/Password123
1x
🔐gpadmin/gpadmin@123
1x
🔐sammy/sammy
1x
🔐root/System32
1x
🔐root/12345-ZXCV
1x
🔐wifi/3245gs5662d34
1x
🔐sammy/SAMMY
1x
🔐root/Admin123$%
1x
🔐wifi/wifi
1x
🔐root/Pambazuka08
1x
🔐root/qazwsx111#
1x
🔐test/Test8
1x
🔐mustafa/mustafa
1x

Comandos Executados

$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$top2x
$uname -m2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$lscpu | grep Model2x
$ls -lh $(which ls)2x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x
$uname -a2x
$w2x
$cat /proc/cpuinfo | grep name | wc -l2x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
22534433128
Vulnerabilidades
CVE-2026-32748CVE-2025-59362CVE-2023-46847CVE-2024-37894CVE-2024-23638CVE-2023-46846CVE-2023-49288CVE-2023-50269CVE-2024-45802CVE-2025-62168CVE-2023-46848CVE-2024-25617CVE-2023-5824CVE-2023-49285CVE-2023-46728CVE-2023-49286CVE-2025-54574CVE-2023-46724CVE-2024-25111
Hostnames
v2202508293876372590.megasrv.de
CPEs
cpe:/a:openbsd:openssh:9.2p1cpe:/o:linux:linux_kernelcpe:/a:squid-cache:squid:5.7cpe:/a:google:web_servercpe:/o:debian:debian_linux

Avaliacao de Risco

55
/100
BaixoMedioAltoCritico
IP 202.61.193.143 - Ameaca Detectada | TroyanosYVirus.com | TroyanosYVirus.com