IP Address: 219.154.204.132Previously Malicious
IP Address: 219.154.204.132Previously Malicious
This IP address attempted an attack on a machine in our threat sensors network
|
Role |
Attacker, Scanner |
|
Services Targeted |
MYSQL |
|
Tags |
Create Mysql Function MYSQL 100+ Sql Commands Download and Allow Execution Drop Mysql Table Malicious Mysql Command Download File Executable File Modification Create Mysql Table HTTP Download and Execute Outgoing Connection |
|
Associated Attack Servers |
|
IP Address |
219.154.204.132 |
|
|
Domain |
- |
|
|
ISP |
China Unicom IP network |
|
|
Country |
China |
|
|
WHOIS |
Created Date |
- |
|
Updated Date |
- |
|
|
Organization |
- |
|
|
First seen in Akamai Guardicore Segmentation |
2020-06-05 |
|
Last seen in Akamai Guardicore Segmentation |
2020-06-18 |
What is Akamai Guardicore SegmentationAkamai Guardicore Segmentation is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Akamai Guardicore Segmentation generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time. Learn More
|
An attempt to create MySQL user-defined function (UDF) xpdl3 implemented in /usr/local/mysql/lib/plugin/udf.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/xsa.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/xsa.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/lib_mysqludf_sys.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/lib_mysqludf_sys.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/udf32.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/udf33.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/udf32.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/udf33.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/xsa.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/xsa.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/xijin.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/xijin.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/xijin1.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/xijin1.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) shell implemented in /usr/local/mysql/lib/plugin/udf.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshelv implemented in /usr/local/mysql/lib/plugin/udf.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) cmdshell implemented in /usr/local/mysql/lib/plugin/lib_mysqludf_sys.dll |
Create Mysql Function |
|
An attempt to create MySQL user-defined function (UDF) downloader implemented in /usr/local/mysql/lib/plugin/lib_mysqludf_sys.dll |
Create Mysql Function |
|
Malicious MySQL commands were executed: DROP FUNCTION, DUMPFILE, INSERT INTO and UPDATE |
Malicious Mysql Command |
|
MySQL tables were dropped: mysql.yongger2 |
Drop Mysql Table |
|
MySQL tables were created: mysql.iateen, mysql.kmlwlo32 and mysql.yongger2 |
Create Mysql Table |
|
/usr/local/mysql/data/mysql/\usr\local\mysql\lib\plugin\\cna12.dll was downloaded |
Download File |
|
Executable file /usr/local/mysql/data/mysql/..\bin\cna12.dll was modified 4 times |
Executable File Modification |
|
/usr/local/mysql/data/mysql/..\bin\cna12.dll was downloaded |
Download File |
|
An attempt to create MySQL user-defined function (UDF) xpdl3 implemented in /usr/local/mysql/lib/plugin/cna12.dll |
Create Mysql Function |
|
//usr/local/mysql/lib/plugin/iateen was downloaded |
Download File |
|
//usr/local/mysql/lib/plugin/kmlwlo32.so was downloaded |
Download File |
|
MySQL user-defined function (UDF) lib_mysqludf_sys_info implemented in /usr/local/mysql/lib/plugin/kmlwlo32.so was created |
Create Mysql Function |
|
The file /usr/local/mysql/lib/plugin/kmlwlo32.so was downloaded and loaded by /usr/local/mysql/bin/mysqld 2 times |
Download and Execute |
|
MySQL user-defined function (UDF) sys_get implemented in /usr/local/mysql/lib/plugin/kmlwlo32.so was created |
Create Mysql Function |
|
MySQL user-defined function (UDF) sys_set implemented in /usr/local/mysql/lib/plugin/kmlwlo32.so was created |
Create Mysql Function |
|
MySQL user-defined function (UDF) sys_exec implemented in /usr/local/mysql/lib/plugin/kmlwlo32.so was created |
Create Mysql Function |
|
MySQL user-defined function (UDF) sys_eval implemented in /usr/local/mysql/lib/plugin/kmlwlo32.so was created |
Create Mysql Function |
|
The file /usr/local/mysql/lib/plugin/iateen was downloaded and granted execution privileges |
Download and Allow Execution |
|
Process /usr/bin/wget generated outgoing network traffic to: 119.188.242.201:6688 |
Outgoing Connection |
|
The file /usr/local/mysql/data/maer was downloaded and executed |
Download and Execute |
|
Connection was closed due to user inactivity |
|
© 2023 Akamai Technologies