Linux – focus on a cryptomining attack dubbed color1337 - TEHTRIS
Common Information
Type Value
UUID 3d1a8ff3-ddd7-4aff-816d-e1f8a9eadfe8
Fingerprint 9e8128130fb301e9
Analysis status DONE
Considered CTI value 2
Text language
Published April 4, 2023, 1:31 p.m.
Added to db Oct. 24, 2023, 1:24 p.m.
Last updated Nov. 13, 2024, 11:07 a.m.
Headline Linux – focus on a cryptomining attack dubbed color1337
Title Linux – focus on a cryptomining attack dubbed color1337 - TEHTRIS
Detected Hints/Tags/Attributes 51/2/21
Attributes
Type #Events CTI Value
CVE 43 cve-2018-10561
CVE 1 cve-2021-38759
Domain 5 arhivehaceru.com
Domain 2 tehtris.com
Domain 1 system-cleaner.pl
Domain 1 cleaner.pl
File 6 bios.txt
File 1 system-cleaner.pl
File 1 cleaner.pl
IPv4 2 45.139.105.222
IPv4 2 185.225.74.231
IPv4 8 139.99.123.196