Previously Undiscovered TeamTNT Payload Recently Surfaced - Cado Security | Cloud Investigation
Common Information
Type Value
UUID f7fe6bd9-b00d-40b3-a1da-b95ffbeee798
Fingerprint 25038d1b2d1da68d
Analysis status DONE
Considered CTI value 2
Text language
Published March 16, 2023, 1 p.m.
Added to db March 16, 2023, 2:56 p.m.
Last updated Nov. 12, 2024, 11:49 a.m.
Headline Previously Undiscovered TeamTNT Payload Recently Surfaced
Title Previously Undiscovered TeamTNT Payload Recently Surfaced - Cado Security | Cloud Investigation
Detected Hints/Tags/Attributes 56/2/13
RSS Feed
Attributes
Details Type #Events CTI Value
Details Domain 2 donaldtrump.cc
Details Domain 117 ld.so
Details Domain 1 park74110.github.io
Details Domain 1 processhider.so
Details Domain 1 ping.sh
Details Domain 1 trump.sh
Details Domain 2 mine.c3pool.com
Details File 3 config_background.json
Details sha256 1 595497c407795e0dbb562a4616fd877ce1eb2e86424672bac8003662e1fa07eb
Details sha256 1 61fdad6d9b149e8d4fc54a848a25219eb9f1364a58073c27eadde8f8298a9573
Details MITRE ATT&CK Techniques 16 T1574.006
Details Url 1 https://park74110.github.io/virus/processhider.so
Details Url 1 http://donaldtrump.cc