ioc[.]one - OSINT Cyber Threat Intelligence Database

TeamTNT Continues to Target Exposed Docker API

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Cron - T1053.003 Domains - T1583.001 Domains - T1584.001 Local Account - T1136.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Ssh Authorized Keys - T1098.004 Brute Force - T1110 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	5e2b073f-0e3c-47db-b0a8-2e01d6cc9632
Fingerprint	d97945b10653209
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 25, 2021, midnight
Added to db	Aug. 31, 2024, 10 a.m.
Last updated	Nov. 9, 2024, 12:20 a.m.
Headline	TeamTNT Continues to Target Exposed Docker API
Title	TeamTNT Continues to Target Exposed Docker API
Detected Hints/Tags/Attributes	40/2/42

Source URLs

	Redirection	Url
Details	Source	https://www.lacework.com/blog/teamtnt-continues-to-target-exposed-docker-api
Details	Source	https://www.lacework.com/blog/teamtnt-continues-to-target-exposed-docker-api/

URL Provider

Details	Provider	Source level domain
Details	lacework.com	www.lacework.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	326	✔	Lacework Blog	https://www.lacework.com/lacework_blog.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	crypto.htxrecieve.top
Details	Domain	2	zzhreceive.top
Details	Domain	1	zzhrecieve.top
Details	Domain	1	pending.com
Details	Domain	3	ai.sh
Details	Domain	6	ar.sh
Details	Domain	2	crontab.sh
Details	Email	1	root@pending.com
Details	File	1	avg1.tar
Details	File	1	avg2.tar
Details	File	1	avg3.tar
Details	File	2	avg.tar
Details	File	2	avg4.tar
Details	sha256	1	f64d39fe9d3e99e1b1ff21953c042e168ba888adf128f67c35023281eefc4949
Details	sha256	1	1a1fb5458bddd77f52258b46428c551dd869cd213977ff4f01a76616a59c4bcd
Details	sha256	1	609ea576c7b430366f8118835f0ccb661b8875735dcc6bc55cb26d031a78d4af
Details	sha256	1	d584130e3e53f4152d3c5ddb3c5f6d31b923f48e92b628c199a583b8a04d556a
Details	sha256	1	b9fe879082970e08830aeacd27be8ae017ac56c19aec0161676d20681ec392d5
Details	sha256	1	bc1da58e62a5dbdaa5af28f406c1de39ffedce94d2e2a6e82a286e2d8e108254
Details	sha256	1	97425b089e184f5373ff71de32015a8deba7b5652c7ed952b0030647b65310f4
Details	sha256	1	95cd336e31f08a3c33d009faae52a71ca249f688b2355d75e3ade74e9d705435
Details	sha256	1	fba130a236f69759f93fc964c364de7c731b1543f386f2c80ab6c347c15b4211
Details	sha256	1	7e37c00d8c7a7f596d77c49ec8d69c168950c4cf65ed8d2184ba882a946f49fc
Details	sha256	1	a5d4f0a4109a6e78b8cd17f786e60ae8e9d9b9b53e6d4cd415d0689ca86dde5f
Details	sha256	1	c9d7c60d63d13eda57b616332c9803ad2db2bfb4f6dbf132fb46435735804814
Details	sha256	1	4739e4deebfe79c41eacfc533aa2e8f165550c754b334a5ee0640fcac069ca2f
Details	sha256	1	7127e91ebb342af4957740f9e089c1838e76d09f8ad305ef967adab9501cec74
Details	sha256	1	539fcc468a29987b9d8d623e04c8b8659f3f22785044ec15cfe3ec46668a1f07
Details	sha256	1	473f4e068e60c2a3bd9adff7e8b16411739999230814c2aea31e616c42e3815e
Details	sha256	1	9a56365297461c773fff32a5ba3480486a685896323682cf3dd6391a6535150a
Details	sha256	1	789daa4865a3ba964dc0300e82928c47676d031ccf16c83f866211de4a91fe4a
Details	sha256	1	69510db42e300635a6e8a373f156cfa44d5cedad5e35f4ef0b2b2648503a3422
Details	sha256	1	293cd3f172dbac111945dd7de52c746a7b5cfbddca57247969397f4d356d1311
Details	sha256	1	8c214f4db38266eda767bee6fd2a1c7d0435ff5b2f067b021adb654be522e751
Details	sha256	1	e77ab132b6b8ad236a8993d00c9ad6de3709ea2cebe7df0ec0eb4a1401642f02
Details	sha256	1	c35b6ccf7663c0d451b022a8714db78ffb0590aa07342868966f0509e9a1bd02
Details	sha256	1	eb371d81aa1b85d1fbdf94dfd34743c01fc68a2809e6925c6482e20f54455292
Details	sha256	1	921ef70fcf433c08817286384afd4b7868e9b171eafed59ba3da362dc9128614
Details	sha256	1	355229282e78889fbce2b75499eae7a3f600225c807774d8fe68f9fc555fb240
Details	sha256	1	bd81696e8455bb6c3714960913b8eff654ea7f17daa9223aaa7b118a6a28a0ad
Details	MITRE ATT&CK Techniques	17	T1098.004
Details	MITRE ATT&CK Techniques	51	T1136.001