IntrusionLabs / threat intelligence

Sign in

← Back to feed

120.138.6.3

Threat Confidence

54%

Location

🇮🇳 IN / Vapi

ASN

AS133662 · SHREENET

Cloud Provider

—

Total Events

287

Top 10% by volume

Agent Count

1

First / Last Seen

2026-04-16 21:43 — 2026-04-16 22:25

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595 T1595.002

Initial Access

T1078

Defense Evasion

T1070.004

Credential Access

T1110 T1110.001

Discovery

T1046

Command and Control

T1105

External Corroboration

Not flagged by any external feeds

Campaigns

Not associated with any campaigns

Session Forensics

scanner ×1 malware_dropper ×9 credential_probe ×24 opportunistic_bruter ×9

Sessions

43 (18 with login)

Avg Depth Score

0.43

Commands Executed

27

Files Downloaded

9

Notable Commands

cd ~; chattr -ia .ssh; lockr -ia .ssh
lockr -ia .ssh
cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~

Fingerprints

HASSH

03a80b21afa810682a776a7d42e5e6fb

SSH Client

SSH-2.0-libssh_0.11.1

Evidence Timeline

Credential Probe d624009ae61f w4m_seattle_01 · 2026-04-16 22:25

1 20%

Loading events...

Malware Dropper e888343ec607 w4m_seattle_01 · 2026-04-16 22:23

3 1 1 100%

Loading events...

Opportunistic Bruter 21ee1514eaac w4m_seattle_01 · 2026-04-16 22:23

1 50%

Loading events...

Credential Probe a1329d824b6d w4m_seattle_01 · 2026-04-16 22:23

1 20%

Loading events...

Credential Probe da288b0b13a5 w4m_seattle_01 · 2026-04-16 22:22

1 20%

Loading events...

Opportunistic Bruter f4cfc893c309 w4m_seattle_01 · 2026-04-16 22:20

1 50%

Loading events...

Malware Dropper f03b0a4a1f41 w4m_seattle_01 · 2026-04-16 22:20

3 1 1 100%

Loading events...

Credential Probe 8c8fc80b95a8 w4m_seattle_01 · 2026-04-16 22:20

1 20%

Loading events...

Credential Probe b4a00c2b51b9 w4m_seattle_01 · 2026-04-16 22:18

1 20%

Loading events...

Credential Probe 97d7f7b260ca w4m_seattle_01 · 2026-04-16 22:17

1 20%

Loading events...

Credential Probe 57c3298aa2f9 w4m_seattle_01 · 2026-04-16 22:15

1 20%

Loading events...

Credential Probe 5447a41b694d w4m_seattle_01 · 2026-04-16 22:13

1 20%

Loading events...

Opportunistic Bruter 8f56e9555104 w4m_seattle_01 · 2026-04-16 22:12

1 50%

Loading events...

Malware Dropper c31f604acc0e w4m_seattle_01 · 2026-04-16 22:12

3 1 1 100%

Loading events...

Credential Probe b5c5a953c1f8 w4m_seattle_01 · 2026-04-16 22:12

1 20%

Loading events...

Opportunistic Bruter 5254fcd9328d w4m_seattle_01 · 2026-04-16 22:10

1 50%

Loading events...

Malware Dropper c5c6441ee7c8 w4m_seattle_01 · 2026-04-16 22:10

3 1 1 100%

Loading events...

Credential Probe e8f73f6ad2a6 w4m_seattle_01 · 2026-04-16 22:10

1 20%

Loading events...

Opportunistic Bruter 37bbde1a6a8a w4m_seattle_01 · 2026-04-16 22:08

1 50%

Loading events...

Scanner c39ebd95d571 w4m_seattle_01 · 2026-04-16 22:08

15%

Loading events...

Malware Dropper c51221cc0c92 w4m_seattle_01 · 2026-04-16 22:08

3 1 1 100%

Loading events...

Opportunistic Bruter 1ee381e2f7e7 w4m_seattle_01 · 2026-04-16 22:07

1 50%

Loading events...

Malware Dropper 99a9b545d42c w4m_seattle_01 · 2026-04-16 22:07

3 1 1 100%

Loading events...

Credential Probe 2dd63a190408 w4m_seattle_01 · 2026-04-16 22:07

1 20%

Loading events...

Opportunistic Bruter 0d080bceea91 w4m_seattle_01 · 2026-04-16 22:05

1 50%

Loading events...

Malware Dropper 01f56e90365f w4m_seattle_01 · 2026-04-16 22:05

3 1 1 100%

Loading events...

Credential Probe 37f73b727b98 w4m_seattle_01 · 2026-04-16 22:05

1 20%

Loading events...

Credential Probe 0a361ea6e276 w4m_seattle_01 · 2026-04-16 22:03

1 20%

Loading events...

Credential Probe 00c1e1569962 w4m_seattle_01 · 2026-04-16 22:02

1 20%

Loading events...

Credential Probe c1320fabb79e w4m_seattle_01 · 2026-04-16 22:00

1 20%

Loading events...

Credential Probe 6b73bb83a78a w4m_seattle_01 · 2026-04-16 21:58

1 20%

Loading events...

Malware Dropper c7918e57a5e5 w4m_seattle_01 · 2026-04-16 21:57

3 1 1 100%

Loading events...

Opportunistic Bruter e16ba258cb6e w4m_seattle_01 · 2026-04-16 21:57

1 50%

Loading events...

Credential Probe 835206074082 w4m_seattle_01 · 2026-04-16 21:57

1 20%

Loading events...

Credential Probe 179b7df614a4 w4m_seattle_01 · 2026-04-16 21:55

1 20%

Loading events...

Credential Probe a8d43f9e23e5 w4m_seattle_01 · 2026-04-16 21:53

1 20%

Loading events...

Malware Dropper 01350a95577d w4m_seattle_01 · 2026-04-16 21:52

3 1 1 100%

Loading events...

Opportunistic Bruter 0cb28049f87c w4m_seattle_01 · 2026-04-16 21:52

1 50%

Loading events...

Credential Probe e2bc5d5d7a51 w4m_seattle_01 · 2026-04-16 21:52

1 20%

Loading events...

Credential Probe cf76bf1e4ef2 w4m_seattle_01 · 2026-04-16 21:50

1 20%

Loading events...

Credential Probe fcdaf5f70a02 w4m_seattle_01 · 2026-04-16 21:48

1 20%

Loading events...

Credential Probe 8da5b74b80b3 w4m_seattle_01 · 2026-04-16 21:46

1 20%

Loading events...

Credential Probe 4c09c150d2ba w4m_seattle_01 · 2026-04-16 21:43

1 20%

Loading events...