Hildegard: Kubernetesを標的とする新たなTeamTNTのクリプトジャックマルウェア
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 33fe0402-2c03-4d80-bbd2-2abb4ab1ac17 |
| Fingerprint | aa310fad931ded6f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 3, 2021, 2 p.m. |
| Added to db | Jan. 16, 2023, 4:59 p.m. |
| Last updated | Nov. 16, 2024, 7:04 p.m. |
| Headline | Hildegard: Kubernetesを標的とする新たなTeamTNTのクリプトジャックマルウェア |
| Title | Hildegard: Kubernetesを標的とする新たなTeamTNTのクリプトジャックマルウェア |
| Detected Hints/Tags/Attributes | 16/0/42 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://unit42.paloaltonetworks.jp/hildegard-malware-teamtnt/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 5 | tt.sh |
|
| Details | Domain | 5 | the.borg.wtf |
|
| Details | Domain | 4 | sgau.sh |
|
| Details | Domain | 4 | xmr.sh |
|
| Details | Domain | 8 | xmrig.so |
|
| Details | Domain | 19 | teamtnt.red |
|
| Details | Domain | 10 | borg.wtf |
|
| Details | Domain | 5 | irc.borg.wtf |
|
| Details | Domain | 4 | sampwn.anondns.net |
|
| Details | Domain | 4 | pei.sh |
|
| Details | Domain | 5 | aws2.sh |
|
| Details | Domain | 117 | ld.so |
|
| Details | File | 5 | api.key |
|
| Details | sha256 | 4 | 2c1528253656ac09c7473911b24b243f083e60b98a19ba1bbb050979a1f38a0f |
|
| Details | sha256 | 5 | 2cde98579162ab165623241719b2ab33ac40f0b5d0a8ba7e7067c7aebc530172 |
|
| Details | sha256 | 4 | b34df4b273b3bedaab531be46a0780d97b87588e93c1818158a47f7add8c7204 |
|
| Details | sha256 | 7 | d2fff992e40ce18ff81b9a92fa1cb93a56fb5a82c1cc428204552d8dfa1bc04f |
|
| Details | sha256 | 4 | 74e3ccaea4df277e1a9c458a671db74aa47630928a7825f75994756512b09d64 |
|
| Details | sha256 | 4 | 8e33496ea00218c07145396c6bcf3e25f4e38a1061f807d2d3653497a291348c |
|
| Details | sha256 | 4 | 518a19aa2c3c9f895efa0d130e6355af5b5d7edf28e2a2d9b944aa358c23d887 |
|
| Details | sha256 | 5 | 5923f20010cb7c1d59aab36ba41c84cd20c25c6e64aace65dc8243ea827b537b |
|
| Details | sha256 | 4 | a22c2a6c2fdc5f5b962d2534aaae10d4de0379c9872f07aa10c77210ca652fa9 |
|
| Details | sha256 | 4 | ee6dbbf85a3bb301a2e448c7fddaa4c1c6f234a8c75597ee766c66f52540d015 |
|
| Details | sha256 | 4 | 937842811b9e2eb87c4c19354a1a790315f2669eea58b63264f751de4da5438d |
|
| Details | sha256 | 4 | 72cff62d801c5bcb185aa299eb26f417aad843e617cf9c39c69f9dde6eb82742 |
|
| Details | sha256 | 4 | 12c5c5d556394aa107a433144c185a686aba3bb44389b7241d84bea766e2aea3 |
|
| Details | sha256 | 4 | 053318adb15cf23075f737daa153b81ab8bd0f2958fa81cd85336ecdf3d7de4e |
|
| Details | sha256 | 4 | e6422d97d381f255cd9e9f91f06e5e4921f070b23e4e35edd539a589b1d6aea7 |
|
| Details | sha256 | 4 | 77456c099facd775238086e8f9420308be432d461e55e49e1b24d96a8ea585e8 |
|
| Details | sha256 | 4 | 78f92857e18107872526feb1ae834edb9b7189df4a2129a4125a3dd8917f9983 |
|
| Details | sha256 | 4 | 3de32f315fd01b7b741cfbb7dfee22c30bf7b9a5a01d7ab6690fcb42759a3e9f |
|
| Details | sha256 | 4 | fe0f5fef4d78db808b9dc4e63eeda9f8626f8ea21b9d03cbd884e37cde9018ee |
|
| Details | sha256 | 4 | 74f122fb0059977167c5ed34a7e217d9dfe8e8199020e3fe19532be108a7d607 |
|
| Details | IPv4 | 88 | 169.254.169.254 |
|
| Details | IPv4 | 7 | 169.254.170.2 |
|
| Details | IPv4 | 6 | 45.9.150.36 |
|
| Details | IPv4 | 7 | 147.75.47.199 |
|
| Details | IPv4 | 11 | 45.9.148.108 |
|
| Details | IPv4 | 4 | 123.245.9.147 |
|
| Details | IPv4 | 5 | 13.245.9.147 |
|
| Details | IPv4 | 8 | 164.68.106.96 |
|
| Details | IPv4 | 5 | 62.234.121.105 |