ioc[.]one - OSINT Cyber Threat Intelligence Database

TeamTNT Reemerged with New Aggressive Cloud Campaign

Tags

attack-pattern:

Data Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Cron - T1053.003 Dns - T1071.004 Dns - T1590.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Virtual Private Server - T1583.003 Virtual Private Server - T1584.003 Tool - T1588.002 Vulnerabilities - T1588.006 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	5a8f9bfb-c91c-467d-b017-82571bacf03e
Fingerprint	a5b51c5b896f2a8d
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 13, 2023, 11:57 a.m.
Added to db	Aug. 12, 2023, 1:02 a.m.
Last updated	Nov. 12, 2024, 11:49 a.m.
Headline	TeamTNT Reemerged with New Aggressive Cloud Campaign
Title	TeamTNT Reemerged with New Aggressive Cloud Campaign
Detected Hints/Tags/Attributes	100/1/65

Source URLs

	Redirection	Url
Details	Source	https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign

URL Provider

Details	Provider	Source level domain
Details	aquasec.com	blog.aquasec.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	22	✔	Aqua Blog	https://blog.aquasec.com/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	5	silentbob.anondns.net
Details	Domain	4	everlost.anondns.net
Details	Domain	4	everfound.anondns.net
Details	Domain	5	ap-northeast-1.compute.internal.anondns.net
Details	Domain	1	priv8.sh
Details	Domain	8	data.sh
Details	Domain	16	aws.sh
Details	Domain	4	grab.sh
Details	Domain	17	clean.sh
Details	Domain	1	curl.sh
Details	Domain	4	int.sh
Details	Domain	1	pacu.sh
Details	Domain	7	scan.sh
Details	Domain	1	scope.sh
Details	Domain	2	secure.sh
Details	Domain	11	user.sh
Details	Domain	39	run.sh
Details	Domain	1	kube.sh
Details	Domain	1	kubew.sh
Details	Domain	1	ngrok.sh
Details	Domain	1	gscat.sh
Details	Domain	1	x3c.sh
Details	Domain	4	tmate.sh
Details	Domain	1	aws.meta.sh
Details	Domain	1	peirates.sh
Details	Domain	5	tmate.io
Details	Domain	117	ld.so
Details	File	4	gscat.php
Details	File	19	4.tar
Details	md5	1	cc61a23b635405c4b2f2f6dd1893ac7b
Details	md5	1	5d4f7c74b2d89377a1c0fe1a4db15779
Details	md5	3	99f0102d673423c920af1abc22f66d4e
Details	md5	3	5daace86b5e947e8b87d8a00a11bc3c5
Details	md5	3	7044a31e9cd7fdbf10e6beba08c78c6b
Details	md5	1	fb88d462dba2d9c51fbbf034d1c28ea6
Details	md5	3	cfb6d7788c94857ac5e9899a70c710b6
Details	md5	1	e9be1816a7814acd5fe0b124ecb5bf08
Details	md5	1	c1a0f9d67c47ae5d7a34a63d5f1cf159
Details	md5	1	a827e07bd36e1e7c258fb27a18029e7a
Details	md5	1	a579ab8b4f5ffc0c1a82ba818621eced
Details	md5	3	92d6cc158608bcec74cf9856ab6c94e5
Details	md5	1	5dad05ea17d53edb43aa273654db7378
Details	md5	1	ff43150d9ae2f906be4ac3911dd8da0d
Details	md5	1	f3d2a7861b25cb92541c066650ddee3f
Details	md5	3	f60b75ddeaf9703277bb2dc36c0f114b
Details	md5	1	f474ef57b8d4c767273927120e1c9b90
Details	md5	1	92307435bfac8498bc03fd9370c9d1cd
Details	md5	3	f13b8eedde794e2a9a1e87c3a2b79bf4
Details	md5	1	575ca10c3fb2adeb766cae815090f5ef
Details	md5	1	519f86ac6c71c736fdadbb7ff37b6c2d
Details	md5	1	3da71d66e91ebe0876d2fa451fe27e95
Details	md5	4	87c8423e0815d6467656093bff9aa193
Details	md5	1	26c8f6597826fbdebb5df4cd8cd34663
Details	md5	3	203fe39ff0e59d683b36d056ad64277b
Details	md5	1	c77cbb5879170acbf6018ee2e141cc7e
Details	md5	3	2044446e6832577a262070806e9bf22c
Details	md5	1	4dc1884527550dc27bd5dfc54b9ae433
Details	md5	1	cc7f8017eebb512b17aa08d09b45b3e9
Details	md5	1	4061502ba7be7db37d0cd9bc224b1027
Details	md5	1	b66fe14854d5c569a79f7b3df93d3191
Details	IPv4	11	45.9.148.108
Details	Url	1	http://silentbob.anondns.net
Details	Url	1	http://everlost.anondns.net
Details	Url	1	http://everfound.anondns.net
Details	Url	1	http://ap-northeast-1.compute.internal.anondns.net