TROYANOSYVIRUS
Amenaza ActivaALTO

83.97.24.41

Pais de Origen🇧🇬 BG
Primera Deteccion31/12/2025
Ultima Actividad16/2/2026
ISPA1 Bulgaria EAD
🎯
5890
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
88
Malware

Geolocalizacion

Pais
🇧🇬 BG
Ciudad
Desconocida
ASN
AS8717
ISP
A1 Bulgaria EAD

Tipos de Ataque

cowrie

Puertos Atacados

22

Malware Asociado

00a1ab0b17f842ccb947...02a6810c9d42d1a44b35...03019646fd5ee284077b...094e405e06af5fbc4bc9...09a3e612f8cad1560057...

Credenciales Intentadas

🔐345gs5662d34/345gs5662d34
39x
🔐root/3245gs5662d34
7x
🔐claude/3245gs5662d34
3x
🔐claude/claude
2x
🔐root/root
2x
🔐root/rzx@1218
2x
🔐root/@Pass123
2x
🔐n8n/123456
2x
🔐frappeuser/frappeuser
2x
🔐ubuntu/87654321
2x
🔐root/911911
2x
🔐root/asd123!
2x
🔐root/tesTtest123a
2x
🔐claude/claude123
2x
🔐z/z
2x

Comandos Ejecutados

$cat /proc/cpuinfo | grep name | wc -l39x
$lockr -ia .ssh39x
$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'39x
$cat /proc/cpuinfo | grep model | grep name | wc -l39x
$uname38x
$uname -m38x
$Enter new UNIX password:38x
$uname -a38x
$cd ~; chattr -ia .ssh; lockr -ia .ssh38x
$lscpu | grep Model38x

Evaluacion de Riesgo

65
/100
BajoMedioAltoCritico