TROYANOSYVIRUS
Amenaza ActivaALTO

132.248.170.105

Pais de Origen🇲🇽 Mexico
Primera Deteccion5/1/2026
Ultima Actividad6/2/2026
ISPUniversidad Nacional Autonoma de Mexico
🎯
1724
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
34
Malware

Geolocalizacion

Pais
🇲🇽 Mexico
Ciudad
Mexico City
ASN
AS278
ISP
Universidad Nacional Autonoma de Mexico

Tipos de Ataque

cowrie

Puertos Atacados

22

Malware Asociado

84c8a8471fd6d8277512...c4f712ff8c9d07a795f1...2aca639d843e1c5ab915...afd0dd76c8d59e416fec...01ba4719c80b6fe911b0...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
12x
🔐root/3245gs5662d34
3x
🔐claude/3245gs5662d34
2x
🔐admin/123
1x
🔐nick/nick
1x
🔐wildfly/123456
1x
🔐ubuntu/@a1234567
1x
🔐payroll/1
1x
🔐bootcamp/bootcamp2025
1x
🔐reolink/reolink
1x
🔐metasys/metasys@1234
1x
🔐root/Abcdefgh
1x
🔐farmacia/123456
1x
🔐losts/losts2025
1x
🔐dockeruser/3245gs5662d34
1x

Comandos Ejecutados

$Enter new UNIX password:13x
$uname -m12x
$uname12x
$whoami12x
$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'12x
$top12x
$cd ~; chattr -ia .ssh; lockr -ia .ssh12x
$cat /proc/cpuinfo | grep name | wc -l12x
$cat /proc/cpuinfo | grep model | grep name | wc -l12x
$uname -a12x

Evaluacion de Riesgo

65
/100
BajoMedioAltoCritico