Table of Contents

Daily Report: 2025-04-13
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

Executive summary
OT report simplified
Botnet dropper behaviour
List of request
List of country_iso_code

executive_summary
#

In today’s repport, we detected 0 stage 1 IP address(es), linked to 0 dropper URL(s).

There are 20 new requests that have never been observed before (these were added to the monitored request database.).

A total of 2079 requests were recorded during the day, originating from 0 different countries, with a peak of 459 requests coming from NL.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_country	targeted_country
US	Dubai
CN	Georgia
US	Georgia

botnet_dropper_behaviour
#

remote_addr	request

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

	number_of_occurence	request
359	1	GET /update/.git/config HTTP/1.1
376	1	GET /cAaW HTTP/1.1
394	1	\x00\x0E8\xAF}\xDA\xF4PW\xBD\x8A\x00\x00\x00\x00\x00
416	1	GET /e8Ze HTTP/1.1
419	1	\x00\x0E8x\x9E\x7F\xF3\x93\x1D\x19\xB2\x00\x00\x00\x00\x00
445	1	GET /wp-includes/ID3/license.txt HTTP/1.1
452	1	GET /Odin/http/call1744564720 HTTP/1.1
453	1	GET /OdinHttpCall1744564720 HTTP/1.1
454	1	GET /odinhttpcall1744564720 HTTP/1.1
455	1	GET /vicidial/images/vicidial_admin_web_logo.png HTTP/1.1
465	1	GET /2021/wp-includes/wlwmanifest.xml HTTP/1.1
488	1	GET /Odin/http/call1744514937 HTTP/1.1
489	1	GET /OdinHttpCall1744514937 HTTP/1.1
490	1	GET /odinhttpcall1744514937 HTTP/1.1
491	1	\x00\x0E8\xD8NGG\xE3d\xA9\x90\x00\x00\x00\x00\x00
499	1	\x00\x0E8y\xC6$\x93\x10\x1E-2\x00\x00\x00\x00\x00
515	1	\x00\x0E8\xF9l\xF1\xB6\xA1n\x13\xBA\x00\x00\x00\x00\x00
525	1	GET /nz3A HTTP/1.1
531	1	\x00\x0E8\x99{Yd\xEA\x02\x19
620	1	GET /website/.git/config HTTP/1.1

country_iso_code
#

	number_of_occurence	country_iso_code
0	459	NL
1	348	GB
2	330	BG
3	318	US
4	131	SC
5	119	DE
6	100	PL
7	51	RU
8	23	HK
9	23	CN
10	20	CA
11	20	SE
12	15	JP
13	14	KR
14	13	UA
15	12	FR
16	12	CH
17	11	ID
18	9	IN
19	8	IL
20	7	PT
21	6	SG
22	5	BE
23	5	TR
24	3	IE
25	2	AR
26	2	BR
27	2	GH
28	2	MD
29	2	AO
30	1	KH
31	1	AT
32	1	AU
33	1	ZA
34	1	LT
35	1	IT
36	1	NO

Report: 2025-04-12

12 April 2025·546 words

Repport Daily

Report: 2025-04-11

11 April 2025·3097 words

Repport Daily

Report: 2025-04-10

10 April 2025·372 words

Repport Daily

	number_of_occurence	country_iso_code
0	459	NL
1	348	GB
2	330	BG
3	318	US
4	131	SC
5	119	DE
6	100	PL
7	51	RU
8	23	HK
9	23	CN
10	20	CA
11	20	SE
12	15	JP
13	14	KR
14	13	UA
15	12	FR
16	12	CH
17	11	ID
18	9	IN
19	8	IL
20	7	PT
21	6	SG
22	5	BE
23	5	TR
24	3	IE
25	2	AR
26	2	BR
27	2	GH
28	2	MD
29	2	AO
30	1	KH
31	1	AT
32	1	AU
33	1	ZA
34	1	LT
35	1	IT
36	1	NO

	number_of_occurence	country_iso_code
0	459	NL
1	348	GB
2	330	BG
3	318	US
4	131	SC
5	119	DE
6	100	PL
7	51	RU
8	23	HK
9	23	CN
10	20	CA
11	20	SE
12	15	JP
13	14	KR
14	13	UA
15	12	FR
16	12	CH
17	11	ID
18	9	IN
19	8	IL
20	7	PT
21	6	SG
22	5	BE
23	5	TR
24	3	IE
25	2	AR
26	2	BR
27	2	GH
28	2	MD
29	2	AO
30	1	KH
31	1	AT
32	1	AU
33	1	ZA
34	1	LT
35	1	IT
36	1	NO

Daily Report: 2025-04-13#

Executive summary#

executive_summary#

ot_simplified_report#

botnet_dropper_behaviour#

request#

country_iso_code#

Related

Daily Report: 2025-04-13
#

Executive summary
#

executive_summary
#

ot_simplified_report
#

botnet_dropper_behaviour
#

request
#

country_iso_code
#

	number_of_occurence	country_iso_code
0	459	NL
1	348	GB
2	330	BG
3	318	US
4	131	SC
5	119	DE
6	100	PL
7	51	RU
8	23	HK
9	23	CN
10	20	CA
11	20	SE
12	15	JP
13	14	KR
14	13	UA
15	12	FR
16	12	CH
17	11	ID
18	9	IN
19	8	IL
20	7	PT
21	6	SG
22	5	BE
23	5	TR
24	3	IE
25	2	AR
26	2	BR
27	2	GH
28	2	MD
29	2	AO
30	1	KH
31	1	AT
32	1	AU
33	1	ZA
34	1	LT
35	1	IT
36	1	NO