TROYANOSYVIRUS
Ameaca AtivaMEDIO

220.149.212.190

Primeira Deteccao26/03/2026
Ultima Atividade26/03/2026
ISPKorea Telecom
🎯
89
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
18
Malware

Geolocalizacao

Pais
🇰🇷 Corea del Sur
Cidade
Desconhecida
ASN
AS4766
ISP
Korea Telecom

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

09a3e612f8cad1560057...28720365c5e7476a011e...28ba533b0f3c4df63d6b...3f1f9a5db692d999bb3d...50e721e49c013f00c62c...

Credenciais Tentadas

🔐myuser/3245gs5662d34
1x
🔐eddy/12345678
1x
🔐elizabeth/Elizabeth123
1x
🔐samba/123
1x
🔐myuser/myuser1234
1x
🔐345gs5662d34/345gs5662d34
1x

Comandos Executados

$Enter new UNIX password:2x
$echo "myuser1234\nL26GajqanJmQ\nL26GajqanJmQ\n"|passwd1x
$echo -e "myuser1234\nL26GajqanJmQ\nL26GajqanJmQ"|passwd|bash1x
$ls -lh $(which ls)1x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x
$uname -a1x
$w1x
$cat /proc/cpuinfo | grep name | wc -l1x
$crontab -l1x
$which ls1x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
123443
Vulnerabilidades
CVE-2019-9513CVE-2019-9516CVE-2019-9511CVE-2021-23017CVE-2025-23419CVE-2021-3618CVE-2023-44487CVE-2018-16845CVE-2019-20372
CPEs
cpe:/a:ntp:ntp:3cpe:/a:f5:nginx:1.14.1

Avaliacao de Risco

45
/100
BaixoMedioAltoCritico