Freitag, 24. Juli 2015

Telnet hit by well known ip - 98.121.74.52

BEGIN OF TELNET DATA:
2015-07-24 12:25:04
Source IP: 98.121.74.52
Country: US RiskScore: 10 Malware: [{u'count': 1, u'origin': u'SPM', u'domain': u'petuntzesn.debestellung.biz', u'last': u'2015-06-09T14:30:00Z', u'family':
[u'Spam Zero-Day'], u'filepath': u'Rechnung_655377.scr', u'ip': u'0x00000000000000000000ffff62794a34', u'uri': u'file://Rechnung_655377.scr', u'lastseen': u'
2015-06-09T14:30:00Z', u'first': u'2015-06-09T14:30:00Z', u'type': u'SPM', u'firstseen': u'2015-06-09T14:30:00Z', u'md5': u'5081146A6A8549DF8D914DF2B0AF92B5'
}, {u'count': 1, u'origin': u'SPM', u'domain': u'petuntzesn.debestellung.biz', u'last': u'2015-06-09T13:30:00Z', u'family': [u'Spam Zero-Day'], u'filepath':
u'Rechnung_3691423.scr', u'ip': u'0x00000000000000000000ffff62794a34', u'uri': u'file://Rechnung_3691423.scr', u'lastseen': u'2015-06-09T13:30:00Z', u'first'
: u'2015-06-09T13:30:00Z', u'type': u'SPM', u'firstseen': u'2015-06-09T13:30:00Z', u'md5': u'5081146A6A8549DF8D914DF2B0AF92B5'}]
User:
Pass:

 END OF DATA
The output shows the output of IBM X-Force and gives you details about the malware found on the IP address. IBM X-Force is integrated within my Honeypot solution per default