← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
TeamTNT Cryptomining Explosion
WHITE TeamTNT AlienVault 2022-02-21 Modified: 2022-03-23
275
IOCs
HIGH VOLUME
Over the past year the TeamTNT threat actor has been very active. TeamTNT is one of the predominant cryptojacking threat actors currently targeting Linux servers. This blog investigates the threat actor’s activity and their Tactics, Techniques and Procedures (TTPs)—providing all of this information in one place so security teams can better detect and prevent attacks from TeamTNT.
xmrig minerteamtnttsunamidiamorphinedockerkuberneteswormmirai
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
XMRig Miner Diamorphine Summer Tsunami TeamTNT Watchdogd Ezuri
Indicators of Compromise (75 / 275 total)
All domain FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL CVE hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 ada6e4caf35f789535be8bdb6610380d MD5 of 795a3d99c1e8e34a6228d95c4435c5ed7c866dc0e303f9788ea6fe055b1a7ac6 2022-02-21
FileHash-MD5 0547bc34c789786ea74bf0435338431b MD5 of 3a377e5baf2c7095db1d7577339e4eb847ded2bfec1c176251e8b8b0b76d393f MD5 of 3a377e5baf2c7095db1d7577339e4eb847ded2bfec1c176251e8b8b0b76d393f 2022-02-21
FileHash-MD5 479b6bc7dfc3b65370c9668e5da6bf0d MD5 of a46c870d1667a3ee31d2ba8969c9024bdb521ae8aad2079b672ce8416d85e8df 2022-02-21
FileHash-MD5 5dd0fec29e1efbe479b50e1652ae736a MD5 of 74f122fb0059977167c5ed34a7e217d9dfe8e8199020e3fe19532be108a7d607 2022-02-21
FileHash-MD5 70330c23a9027ba0d2d6dd552818d97b MD5 of 78f92857e18107872526feb1ae834edb9b7189df4a2129a4125a3dd8917f9983 2022-02-21
FileHash-MD5 8c6681daba966addd295ad89bf5146af MD5 of dd603db3e2c0800d5eaa262b6b8553c68deaa486b545d4965df5dc43217cc839 2022-02-21
FileHash-MD5 8ffdba0c9708f153237aabb7d386d083 MD5 of 139f393594aabb20543543bd7d3192422b886f58e04a910637b41f14d0cad375 2022-02-21
FileHash-MD5 a00bbf635695b13c55e132ca2563755c MD5 of 5e1af7f4e6cf89cff44ee209399a9fab3bfd8f1ca9703fb54cee05cce2b16d4c 2022-02-21
FileHash-MD5 dd89ab7314e13989bdcae176a82078ac MD5 of 1b72088fc6d780da95465f80ab26ba094d89232ff30a41b1b0113c355cfffa57 2022-02-21
FileHash-MD5 018d88b8203bdea0fe4dc5b4baa930c4 MD5 of 937842811b9e2eb87c4c19354a1a790315f2669eea58b63264f751de4da5438d 2022-02-21
FileHash-MD5 027fe3c7130eda03d1d15a77a6647c37 MD5 of 8cedd6187439f73675b076d70647ee117ec3a4184a5045499a6172ae6e6c2c39 2022-02-21
FileHash-MD5 0ba908efef1395288c270c24cdefc31b MD5 of 71c81cb46dd1903f12f3aef844b0fc559f31e2f613a8ae91ffb5630bc7011ef5 2022-02-21
FileHash-MD5 0dbf7d11b539b1520af6da6ae5c9e109 MD5 of 69fea980538a12ac0791f0801fc93d8b4d16e8329793d635221a16f935e8ca07 2022-02-21
FileHash-MD5 0e2a854abd9cf6ec12e17866703c76a9 MD5 of ee6dbbf85a3bb301a2e448c7fddaa4c1c6f234a8c75597ee766c66f52540d015 2022-02-21
FileHash-MD5 11f55245b1505669dd085f8893c330ca MD5 of 230e2a06df2cd7574ee15cb13714d77182f28d50f83a6ed58af39f1966177769 2022-02-21
FileHash-MD5 12a859d78138894439e1db4a2390734b MD5 of 4f115381c17ba1dedb25d35d922feda9a723e206d811ed437b75fd8116ef461b MD5 of 4f115381c17ba1dedb25d35d922feda9a723e206d811ed437b75fd8116ef461b 2022-02-21
FileHash-MD5 1505db9d11dc6207542bbf9f9453f695 MD5 of e0876231c4829e0c7be4ffe47466b57e17a15e9c1529f332f813ea532716c945 2022-02-21
FileHash-MD5 15e26aecc5fd8dbb7eb023ecdce322cb MD5 of bebaac2a2b1d72aa189c98d00f4988b24c72f72ae9348c49f62d16b433b05332 2022-02-21
FileHash-MD5 181ce51775184fcf1b74973babf4475b MD5 of 616c3d5b2e1c14f53f8a6cceafe723a91ad9f61b65dd22b247788329a41bc20e MD5 of 616c3d5b2e1c14f53f8a6cceafe723a91ad9f61b65dd22b247788329a41bc20e 2022-02-21
FileHash-MD5 1aeb95215a633400d90ad8cbca9bc300 MD5 of d2fff992e40ce18ff81b9a92fa1cb93a56fb5a82c1cc428204552d8dfa1bc04f 2022-02-21
FileHash-MD5 21642b99b3e04f84f7640931ce605da6 MD5 of c55e4c67ba3cf54360a88980183767522fc05e8bf076f31399ee45efbfbd78e5 2022-02-21
FileHash-MD5 234f74f6640bba7e5c47aed88cf40e51 MD5 of a386aced768146fecfe81cac214c51c7e575b2c0c27a29c683e3357706f651ba 2022-02-21
FileHash-MD5 246ddbdb340e183eb183aebba5e6f7e4 MD5 of 4a5d3435cd4a835056b4940e1cea9a25b1619562525bd9953a120b556b305983 MD5 of 4a5d3435cd4a835056b4940e1cea9a25b1619562525bd9953a120b556b305983 2022-02-21
FileHash-MD5 24d7d21c3675d66826da0372369ec3e8 MD5 of 3b4ff9aff08a7ca9a36ed997f94adb6b18bb757157cec4f04b53ba67e9377003 MD5 of 3b4ff9aff08a7ca9a36ed997f94adb6b18bb757157cec4f04b53ba67e9377003 2022-02-21
FileHash-MD5 322814c7d0ec63c509baba4e8bd51b93 MD5 of a66140870d0a71c7bd42b7631e4a85858e6b33e4a21be637b94d41833dee8383 2022-02-21
FileHash-MD5 35a2c7b957dc347554a617e1ff6aff64 MD5 of b3c94173daf8f825dcba80ecc813dd0ca36636851f9fa83901ae3b36af166d78 2022-02-21
FileHash-MD5 35ac482fafb1453f993cb7c447fb9525 MD5 of a22c2a6c2fdc5f5b962d2534aaae10d4de0379c9872f07aa10c77210ca652fa9 2022-02-21
FileHash-MD5 35bba6d8574d1211e260e5fc014c2b54 MD5 of 42e60ce9f0b7c5260282a7006af0166cd3603a6043d833719586bd1adaece138 MD5 of 42e60ce9f0b7c5260282a7006af0166cd3603a6043d833719586bd1adaece138 2022-02-21
FileHash-MD5 3686a9b208e6fb661cbae93cd6e26260 MD5 of 3cc54142b5f88d03fb0552a655e32e94f366c9e3bb387404c6f381cfea506867 2022-02-21
FileHash-MD5 36ad129f0d47e7128beaf51ef5fd75b5 MD5 of ed40bce040778e2227c869dac59f54c320944e19f77543954f40019e2f2b0c35 2022-02-21
FileHash-MD5 3a7d77691d628ac13ca59f5ba7ae805a MD5 of 78037e2d2e596bd450b99551535fa9c38c4e8346ab75eb424bf9e95316424fbe 2022-02-21
FileHash-MD5 3b3012a790dc848f7b1dc63954e2dd9f MD5 of 3c907087ec77fc1678011f753ddf4531a484009f3c64563d96eff0edea0dcd29 MD5 of 3c907087ec77fc1678011f753ddf4531a484009f3c64563d96eff0edea0dcd29 2022-02-21
FileHash-MD5 3e9ecc6032d4509bcb87f687a75322ac MD5 of 6b8d828511b479e3278264eff68059f03b3b8011f9a6daaeff2af06b13ba6090 2022-02-21
FileHash-MD5 4206dbcf1c2bc80ea95ad64043aa024a MD5 of da43ed194729f82db68b1d91a17cea6afde8ae81357116c35c4c129888a836bf 2022-02-21
FileHash-MD5 45385f7519c11a58840931ee38fa3c7b MD5 of fdf26ebad48da26be59b5784f43d1e5ee2efa93c59a717fe2ae1d82bf3f016d3 2022-02-21
FileHash-MD5 45527b86b620ef3b5ad27971c997cd58 MD5 of 669ace6d57c68e4a7f2fabcacfecf485a5c90bfc28a809a432e68b53f60836a4 2022-02-21
FileHash-MD5 52ddb6aa2c9e4c8e66656b562041080b MD5 of 9f5e14ca8c877b7dff84ffbe018c461233af975654bd5b87431920dfc24568a5 2022-02-21
FileHash-MD5 54eda502254cf9cfb2509ca6b6217165 MD5 of 16b26d9e4413c2f6d081ca093106935673747d5266aaa33f51c845e65b90e904 2022-02-21
FileHash-MD5 5de5454a6344654a5505b415c7f003b6 MD5 of 5923f20010cb7c1d59aab36ba41c84cd20c25c6e64aace65dc8243ea827b537b MD5 of 5923f20010cb7c1d59aab36ba41c84cd20c25c6e64aace65dc8243ea827b537b 2022-02-21
FileHash-MD5 5f66aad0bdcbf86593854d0a89f57b36 MD5 of 2c40b76408d59f906f60db97ea36503bfc59aed22a154f5d564d8449c300594f 2022-02-21
FileHash-MD5 63248ffca814fec285379d27aaccf2e9 MD5 of 72cff62d801c5bcb185aa299eb26f417aad843e617cf9c39c69f9dde6eb82742 2022-02-21
FileHash-MD5 656eca480e2161e8645f9b29af7e4762 MD5 of b6f57f8a7fba70d6660335828d2a14029c88079a8176dca2c63281a759fd84ca 2022-02-21
FileHash-MD5 65a1a7e7b7ad97bf0a21d8174d8c5be2 MD5 of 4256402fc04e49f3da8d1bf88efdcca6a3b03f4b881777d2c32a8df364cececd MD5 of 4256402fc04e49f3da8d1bf88efdcca6a3b03f4b881777d2c32a8df364cececd 2022-02-21
FileHash-MD5 669cf56a43b63776e14e1996f18de551 MD5 of 4beaf3edbd1065c0dfd02cf864effe3d1e18d0f39275f0d49cb21951a12976c3 MD5 of 4beaf3edbd1065c0dfd02cf864effe3d1e18d0f39275f0d49cb21951a12976c3 2022-02-21
FileHash-MD5 66c7eb7bb8e092c7b9bd1c4ca70e28bf MD5 of 1eead4f456ed8741d1de821e2fcecb026c1cbbf3477786cc3e637eac05811f46 2022-02-21
FileHash-MD5 706e7e161fd2bbbc56c9fc32b1266ea9 MD5 of 929c3017e6391b92b2fbce654cf7f8b0d3d222f96b5b20385059b584975a298b 2022-02-21
FileHash-MD5 7718e108e8596b459c01e79e4feb3062 MD5 of 6c73e45b06544fc43ce0e9164be52810884f317a710978c31462eb5b8ebc30cc 2022-02-21
FileHash-MD5 80c202ced80965521adf1d63ba6be712 MD5 of 77456c099facd775238086e8f9420308be432d461e55e49e1b24d96a8ea585e8 2022-02-21
FileHash-MD5 838a417ee6b60a15a23e73544109b106 MD5 of feb0a0f5ffba9d7b7d6878a8890a6d67d3f8ef6106e4e88719a63c3351e46a06 2022-02-21
FileHash-MD5 88878ba5b64102f800dadcbe438a4f89 MD5 of 459190ba0173640594d9b1fa41d5ba610ecea59fd275d3ff378d4cedb044e26d MD5 of 459190ba0173640594d9b1fa41d5ba610ecea59fd275d3ff378d4cedb044e26d 2022-02-21
FileHash-MD5 8890932ec22543e97308302375e50bd5 MD5 of 4e059d74e599757226f93ea8ddcfb794d4bcda605f0e553fbbef47b8b7c82d2b 2022-02-21
FileHash-MD5 8e893a2aff3bf63e5f0d31fce7333a80 MD5 of e5f48ccf07addd83986f5b6f9444d5f91cacbb5c471b815a2b68a9c02727821b 2022-02-21
FileHash-MD5 8f414184411a51becc03ebc1b42473b9 MD5 of bcfa215dec8fe15d4265c508c39c1ebafb7370acc95721e4e7d610b0459eb8dd 2022-02-21
FileHash-MD5 92490c9b9d3bb59aca5f106e401dfcaa MD5 of e6422d97d381f255cd9e9f91f06e5e4921f070b23e4e35edd539a589b1d6aea7 2022-02-21
FileHash-MD5 9e18aa573cb4b6ad9846f3e60944d7f5 MD5 of 0742efecbd7af343213a50cc5fd5cd2f8475613cfe6fb51f4296a7ec4533940d MD5 of 0742efecbd7af343213a50cc5fd5cd2f8475613cfe6fb51f4296a7ec4533940d 2022-02-21
FileHash-MD5 9f1a9e43a7451002c73a0b638a47ab98 MD5 of 72b1cbfbd87c6cd85b9dc1da48c852768003e7fb4f01d8f6904921474be199ad 2022-02-21
FileHash-MD5 9f98db93197c6dfb27475075ae14e8ae MD5 of 053318adb15cf23075f737daa153b81ab8bd0f2958fa81cd85336ecdf3d7de4e MD5 of 053318adb15cf23075f737daa153b81ab8bd0f2958fa81cd85336ecdf3d7de4e 2022-02-21
FileHash-MD5 a58543c808b50d7bff02138664aceb0e MD5 of 4f2ee441b35e8e0fe99608a011b632db219bd6631bcda39899b747a0dd38b5c6 MD5 of 4f2ee441b35e8e0fe99608a011b632db219bd6631bcda39899b747a0dd38b5c6 2022-02-21
FileHash-MD5 a69548e3a52095897e6ccb18621c8c3a MD5 of a79d4f5633dbbe98842d5073b41cc25468679c46e011373587ffdbc544d1ea12 2022-02-21
FileHash-MD5 add5f824253dc9b2073c2951afc4c5a1 MD5 of a1e9cd08073e4af3256b31e4b42f3aa69be40862b3988f964e96228f91236593 2022-02-21
FileHash-MD5 b278d57b27b426d0a2196226c8cc04fe MD5 of b60be03a7305946a5b1e2d22aa4f8e3fc93a55e1d7637bebb58bf2de19a6cf4a 2022-02-21
FileHash-MD5 b348abf1d17f7ba0001905e295b1f670 MD5 of 07377cac8687a4cde6e29bc00314c265c7ad71a6919de91f689b58efe07770b0 MD5 of 07377cac8687a4cde6e29bc00314c265c7ad71a6919de91f689b58efe07770b0 2022-02-21
FileHash-MD5 b454597205daea1fea1988fd0ea74178 MD5 of f64a828d58ac5bbdde5e982ebb0766c8969cb63b4ab642467392042f2a594295 2022-02-21
FileHash-MD5 c10b1cee68ba7b4cd356ab1ff3c25d77 MD5 of 3a2aa7235f0617df430b3d556779bee2ae0af75d7c2f17f052971d3f38fad9e0 MD5 of 3a2aa7235f0617df430b3d556779bee2ae0af75d7c2f17f052971d3f38fad9e0 2022-02-21
FileHash-MD5 ced001c5190e726d3260da52f7f943a5 MD5 of 920014ace9add87139db41eb2538b292ad136fde7ac5f683eb3b31e0fed5f808 2022-02-21
FileHash-MD5 cf8f93d79d9510ab78dcb4df994bf958 MD5 of dd0a5c62db8403263872716b8b2dfd190fcf9c742e9d13ad2c40ab41df7f2045 2022-02-21
FileHash-MD5 d75339c10669841a4015fdf6876453b3 MD5 of 1474298ed7a5c63ca8098794cd743a276807cca0e678e046160718626bb038f3 2022-02-21
FileHash-MD5 dc3dbfb8242cc527aebe1a0b2af0185d MD5 of 6c8a2ba339141b93c67f9d79d86a469da75bfbc69f128a6ed702a6e3925d5a29 2022-02-21
FileHash-MD5 dda9e1aba66494f530862e51b514cdc2 MD5 of b556d266b154c303bb90db005d7dd4267ed8d0e711e3fd32406c64b1fc977f9e 2022-02-21
FileHash-MD5 e10e607751f00516c86b35a6a3b76517 MD5 of 12c5c5d556394aa107a433144c185a686aba3bb44389b7241d84bea766e2aea3 2022-02-21
FileHash-MD5 f126ba85e44db8352a514c650ca95789 MD5 of 705a22f0266c382c846ee37b8cd544db1ff19980b8a627a4a4f01c1161a71cb0 2022-02-21
FileHash-MD5 f50a5de869bb3dd7b6b053ae14f3c9fd MD5 of 205db0ef59cad167c6132916f8f7a1d1963e740b36400419b2e5ba307e9f765c 2022-02-21
FileHash-MD5 f8806cb235cedc09e6e4f510a69dff2e MD5 of b49a3f3cb4c70014e2c35c880d47bc475584b87b7dfcfa6d7341d42a16ebe443 2022-02-21
FileHash-MD5 fc86d8d99c6a96c741327db7ad90e786 MD5 of 3876b58d12e27361bdfebd6efc5423d79b6676ca3b9d800f87098e95c3422e84 2022-02-21
FileHash-MD5 fe9d149dec9cd182254ace576a332f56 MD5 of 3de32f315fd01b7b741cfbb7dfee22c30bf7b9a5a01d7ab6690fcb42759a3e9f MD5 of 3de32f315fd01b7b741cfbb7dfee22c30bf7b9a5a01d7ab6690fcb42759a3e9f 2022-02-21
References (1)
↗ https://www.intezer.com/blog/malware-analysis/teamtnt-cryptomining-explosion/