TROYANOSYVIRUS
Amenaza ActivaALTO

46.188.119.26

Pais de Origen🇷🇺 Rusia
Primera Deteccion5/1/2026
Ultima Actividad20/2/2026
ISPLLC SETEL
🎯
920
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
29
Malware

Geolocalizacion

Pais
🇷🇺 Rusia
Ciudad
Moscow
ASN
AS8334
ISP
LLC SETEL

Tipos de Ataque

cowrie

Puertos Atacados

22

Malware Asociado

01ba4719c80b6fe911b0...0319ed95436a29ed23bf...06526cf6f950f7b7daab...09a3e612f8cad1560057...1ef7722ceea10fbd6433...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
6x
🔐root/3245gs5662d34
2x
🔐root/LeitboGi0ro
2x
🔐claude/claude123
2x
🔐root/Qweasd123
1x
🔐ubuntu/aA!@#$%^
1x
🔐mama/mama@123
1x
🔐claude/123
1x
🔐root/1Q2w3e4r5t
1x
🔐root/iflytek
1x
🔐train1/123
1x
🔐dimas/dimas
1x
🔐root/14531453
1x
🔐tst/tst
1x
🔐tempuser/admin
1x

Comandos Ejecutados

$cd ~; chattr -ia .ssh; lockr -ia .ssh6x
$w6x
$whoami6x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'6x
$lscpu | grep Model6x
$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'6x
$uname -a6x
$crontab -l6x
$Enter new UNIX password:6x
$uname6x

Evaluacion de Riesgo

65
/100
BajoMedioAltoCritico