TROYANOSYVIRUS
Ameaca AtivaMEDIO

66.116.205.1

Pais de Origem🇮🇳 India
Primeira Deteccao09/01/2026
Ultima Atividade06/05/2026
ISPORACLE-BMC-31898
🎯
44
Ataques Totais
🔌
1
Portas
📡
1
Tipos de Ataque
🦠
3
Malware

Geolocalizacao

Pais
🇮🇳 India
Cidade
Mumbai
ASN
AS31898
ISP
ORACLE-BMC-31898

Tipos de Ataque

ssh_telnet_honeypot

Portas Atacadas

22

Malware Associado

28ba533b0f3c4df63d6b...94f2e4d8d4436874785c...b0b99832969a1cb15c27...

Credenciais Tentadas

🔐root/ubuntu
1x
🔐root/debian
1x

Comandos Executados

$chmod +x ./.3745114224229682595/sshd;nohup ./.3745114224229682595/sshd 50.6.228.52 218.205.37.160 123.58.212.100 43.252.230.102 139.9.213.204 122.228.86.100 180.76.168.116 103.210.22.17 112.28.209.102 103.121.91.144 120.92.105.170 0.0.0.0 116.128.243.59 91.132.142.253 42.51.49.239 183.56.198.150 120.92.10.155 116.169.58.224 183.236.48.45 172.245.43.228 221.10.21.25 101.237.38.4 177.136.246.131 46.101.107.202 43.226.36.171 50.6.231.130 42.4.63.120 114.218.57.21 59.63.188.245 141.148.140.182 106.11x

Exposicao Shodan InternetDBShodan

Dados InternetDB, nao em tempo real

Portas
224432222
Vulnerabilidades
CVE-2007-4723CVE-2022-22719CVE-2025-23048CVE-2022-29404CVE-2022-26377CVE-2025-59775CVE-2024-47252CVE-2024-38476CVE-2022-30556CVE-2025-49812CVE-2022-23943CVE-2022-28615CVE-2011-1176CVE-2025-66200CVE-2009-2299CVE-2024-39573CVE-2012-4001CVE-2024-38474CVE-2023-25690CVE-2023-27522
Hostnames
server.internalapp.comess.greenifit.com
CPEs
cpe:/a:openbsd:openssh:8.9p1cpe:/o:canonical:ubuntu_linuxcpe:/a:apache:http_server:2.4.52

Avaliacao de Risco

40
/100
BaixoMedioAltoCritico