ioc[.]one - OSINT Cyber Threat Intelligence Database

Timeline & TTPs of TeamTNT Cybercrime Group | Threat Intelligence | CloudSEK

Tags

cmtmf-attack-pattern:	Resource Hijacking
country:	Germany
attack-pattern:	Data Direct Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Resource Hijacking - T1496 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Tool - T1588.002 Whois - T1596.002 Account Manipulation - T1098 Remote Services - T1021 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	0aa06787-eb63-4929-9b77-8bf31fdc2575
Fingerprint	bf81815b8c65a409
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 25, 2022, midnight
Added to db	Nov. 19, 2023, 5:59 a.m.
Last updated	Nov. 17, 2024, 6:31 p.m.
Headline	Timeline & TTPs of TeamTNT Cybercrime Group
Title	Timeline & TTPs of TeamTNT Cybercrime Group \| Threat Intelligence \| CloudSEK
Detected Hints/Tags/Attributes	86/3/58

Source URLs

	Redirection	Url
Details	Source	https://cloudsek.com/threatintelligence/timeline-ttps-of-teamtnt-cybercrime-group
Details	Source	https://www.cloudsek.com/threatintelligence/timeline-ttps-of-teamtnt-cybercrime-group

URL Provider

Details	Provider	Source level domain
Details	cloudsek.com	www.cloudsek.com
Details	cloudsek.com	cloudsek.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	89	✔	CloudSEK Threat Intelligence	https://cloudsek.com/threatintelligence/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	23	cve-2019-5736
Details	Domain	19	teamtnt.red
Details	Domain	5	punk.py
Details	Domain	43	setup.sh
Details	Domain	4	do.sh
Details	Domain	3	narrenkappe.sh
Details	Domain	3	ssh.sh
Details	Domain	3	whois2.irc.sh
Details	Domain	30	init.sh
Details	Domain	17	clean.sh
Details	Domain	3	mxutzh.sh
Details	Domain	3	setup.mytoys.sh
Details	Domain	3	setup.xmrig.curl.sh
Details	Domain	5	tt.sh
Details	Domain	16	aws.sh
Details	Domain	8	data.sh
Details	Domain	6	search.sh
Details	Domain	4	chimaera.cc
Details	Email	3	hilde@teamtnt.red
Details	File	5	punk.py
Details	File	153	config.json
Details	sha256	3	b5ba2c86ebf85cbf700c83d7edc034717d7ee08e84fbae440a38139c15ef7a27
Details	sha256	3	69fea980538a12ac0791f0801fc93d8b4d16e8329793d635221a16f935e8ca07
Details	sha256	3	4256402fc04e49f3da8d1bf88efdcca6a3b03f4b881777d2c32a8df364cececd
Details	sha256	3	da43ed194729f82db68b1d91a17cea6afde8ae81357116c35c4c129888a836bf
Details	sha256	3	285e91d3d578fcaf6665c70de457f602d572203b04c281c03b4bf9103aa5f61f
Details	sha256	3	9c29d4ecf6a60e7bfc0afbaa7a669a18af163440730711367d1c715042b5f755
Details	sha256	3	fdf26ebad48da26be59b5784f43d1e5ee2efa93c59a717fe2ae1d82bf3f016d3
Details	sha256	3	b6f57f8a7fba70d6660335828d2a14029c88079a8176dca2c63281a759fd84ca
Details	sha256	3	59aa2101b05225dd0eb7e7b456eb26357540723e3c1d8a10deca83e9715a10fb
Details	sha256	3	6a1221fc82b2bf13dc8112795d3edfb7bab8df7a9d4af69b89da4ac31e0e87e5
Details	sha256	3	a25a73af06c43a20eb9f4f8b67357cec3c74143ccf97ce666446296a360d93fa
Details	sha256	3	a66140870d0a71c7bd42b7631e4a85858e6b33e4a21be637b94d41833dee8383
Details	sha256	3	1eead4f456ed8741d1de821e2fcecb026c1cbbf3477786cc3e637eac05811f46
Details	sha256	3	795a3d99c1e8e34a6228d95c4435c5ed7c866dc0e303f9788ea6fe055b1a7ac6
Details	sha256	3	205db0ef59cad167c6132916f8f7a1d1963e740b36400419b2e5ba307e9f765c
Details	sha256	4	07377cac8687a4cde6e29bc00314c265c7ad71a6919de91f689b58efe07770b0
Details	sha256	3	5c488d9d6820f859cde5fb5d147cfe584a603152653d12e720b897df60c6f810
Details	sha256	3	6b8d828511b479e3278264eff68059f03b3b8011f9a6daaeff2af06b13ba6090
Details	sha256	3	8926672fe6ab2f9229a72e344fcb64a880a40db20f9a71ba0d92def9c14497b6
Details	sha256	3	b60be03a7305946a5b1e2d22aa4f8e3fc93a55e1d7637bebb58bf2de19a6cf4a
Details	sha256	3	bebaac2a2b1d72aa189c98d00f4988b24c72f72ae9348c49f62d16b433b05332
Details	sha256	3	3c907087ec77fc1678011f753ddf4531a484009f3c64563d96eff0edea0dcd29
Details	sha256	4	b49a3f3cb4c70014e2c35c880d47bc475584b87b7dfcfa6d7341d42a16ebe443
Details	sha256	5	2cde98579162ab165623241719b2ab33ac40f0b5d0a8ba7e7067c7aebc530172
Details	sha256	3	8cedd6187439f73675b076d70647ee117ec3a4184a5045499a6172ae6e6c2c39
Details	sha256	5	a1e9cd08073e4af3256b31e4b42f3aa69be40862b3988f964e96228f91236593
Details	sha256	5	4e059d74e599757226f93ea8ddcfb794d4bcda605f0e553fbbef47b8b7c82d2b
Details	sha256	7	ed40bce040778e2227c869dac59f54c320944e19f77543954f40019e2f2b0c35
Details	sha256	5	5923f20010cb7c1d59aab36ba41c84cd20c25c6e64aace65dc8243ea827b537b
Details	IPv4	3	123.56.193.119
Details	IPv4	1	54.203.159.179
Details	IPv4	7	80.211.206.105
Details	IPv4	8	164.68.106.96
Details	IPv4	5	62.234.121.105
Details	IPv4	11	45.9.148.108
Details	IPv4	1	5.9.148.35
Details	Url	2	https://teamtnt.red