ioc[.]one - OSINT Cyber Threat Intelligence Database

Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools

Tags

attack-pattern:

Data Model Botnet - T1583.005 Botnet - T1584.005 Cloud Services - T1021.007 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Serverless - T1583.007 Serverless - T1584.007 Software - T1592.002 Vulnerabilities - T1588.006 Connection Proxy - T1090 Default Credentials

Show in Graph

Common Information

Type	Value
UUID	d4049537-ec0e-4875-9e94-314136b68b94
Fingerprint	95211b198de7a683
Analysis status	DONE
Considered CTI value	0
Text language
Published	April 22, 2021, midnight
Added to db	Sept. 26, 2022, 9:33 a.m.
Last updated	Oct. 16, 2024, 2:22 a.m.
Headline	Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
Title	Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
Detected Hints/Tags/Attributes	48/1/46

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/en_us/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html
Details	Source	https://www.trendmicro.com/en_ph/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html
Details	Source	https://www.trendmicro.com/en_ie/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

Attributes

Details	Type	#Events	Value
Details	Domain	18	uninstall.sh
Details	Domain	3	uninst.sh
Details	Domain	1	7jmrbtrvkgcqkldzyob4kotpyvsgz546yvik2xv4rpnfmrhe4imxthqd.onion
Details	Domain	1	bggts547gukhvmf4cgandlgxxphengxovoyo6ewhns5qmmb2b5oi43yd.onion
Details	Domain	2	dreambusweduybcp.onion
Details	Domain	1	i62hmnztfpzwrhjg34m6ruxem5oe36nulzmxcgbdbkiaceubprkta7ad.onion
Details	Domain	1	ji55jjplpknk7eayxxtb5o3ulxuevntutsdanov5dp3wya7l7btjv4qd.onion
Details	Domain	1	mhevkk4odgzqpt2hbj3hhw2uz4vhunoo55evewrgmouyiehcaltmbrqd.onion
Details	Domain	2	ojk5zra7b3yq32timb27n4qj5udk4w2l5kqn5ulhnugdscelttfhtoyd.onion
Details	Domain	1	plgs6otqdiu7snxdfwjnidhw4ncmp5qvvxi5gepiszg75kxebwci2wad.onion
Details	Domain	1	ryukdssuskovhnwb.onion
Details	Domain	1	sg722jwocbvedckhd4dptpqfek5fsbmx3v57qg6lzhuo56np73mb3zyd.onion
Details	Domain	1	trumpzbffbewy3gn.onion
Details	Domain	1	trumpzwlvlyrvlss.onion
Details	Domain	1	unixdbnuadxmwtob.onion
Details	Domain	1	va6xh4hqgb754klsffjamjgotlq7mne3lyyrhu5vhypakbumzeo4c4ad.onion
Details	Domain	1	y4mcrfeigcaa2robjk3azb2qwcd5hk45xpoaddupmdwv24qoggnmdbid.onion
Details	Domain	1	yrxxxqia45xxcdqfwyx4pk6ufyanazdwjbv3de7r4mrtyztt5mpw35yd.onion
Details	IPv4	1	144.76.110.70
Details	IPv4	1	172.104.56.209
Details	IPv4	1	178.128.84.253
Details	IPv4	1	185.188.183.254
Details	IPv4	1	185.35.223.76
Details	IPv4	1	201.159.100.58
Details	IPv4	1	209.97.174.97
Details	IPv4	1	45.32.171.166
Details	IPv4	1	46.101.61.9
Details	IPv4	1	46.229.55.38
Details	IPv4	1	46.229.55.39
Details	IPv4	1	51.103.16.14
Details	IPv4	1	51.68.214.156
Details	IPv4	1	51.75.163.92
Details	IPv4	1	51.89.149.71
Details	IPv4	1	67.149.39.182
Details	IPv4	1	77.120.123.179
Details	IPv4	1	77.66.176.9
Details	IPv4	1	82.37.194.181
Details	IPv4	1	83.217.28.46
Details	IPv4	2	85.159.44.163
Details	IPv4	1	85.234.143.106
Details	IPv4	1	91.194.250.134
Details	IPv4	1	92.63.192.7
Details	IPv4	1	119.205.235.58
Details	IPv4	1	136.243.90.99
Details	IPv4	1	153.127.216.132
Details	IPv4	1	94.176.237.229