← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
TeamTNT Reemerged with New Aggressive Cloud Campaign
WHITE CyberHunter_NL 2023-07-14 Modified: 2023-08-13
60
IOCs
HIGH VOLUME
TeamTNT has launched an aggressive botnet campaign targeting cloud native systems, including Docker and Kubernetes, and JupyterLab, as part of a two-part blog series.
teamtntc2 serverstrongtsunami malwaredocker apikubernetescommandip addresssecurityredistsunamigluedownloadxmrigmindvirustotalnautilusmasscanchatexecutionpersistencesilentimpacttwitterssh
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
TeamTNT SSH Docker API Tsunami
Indicators of Compromise (31 / 60 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 203fe39ff0e59d683b36d056ad64277b 2023-07-14
FileHash-MD5 2044446e6832577a262070806e9bf22c 2023-07-14
FileHash-MD5 26c8f6597826fbdebb5df4cd8cd34663 2023-07-14
FileHash-MD5 3da71d66e91ebe0876d2fa451fe27e95 2023-07-14
FileHash-MD5 4061502ba7be7db37d0cd9bc224b1027 2023-07-14
FileHash-MD5 4dc1884527550dc27bd5dfc54b9ae433 2023-07-14
FileHash-MD5 519f86ac6c71c736fdadbb7ff37b6c2d 2023-07-14
FileHash-MD5 575ca10c3fb2adeb766cae815090f5ef 2023-07-14
FileHash-MD5 5d4f7c74b2d89377a1c0fe1a4db15779 2023-07-14
FileHash-MD5 5daace86b5e947e8b87d8a00a11bc3c5 2023-07-14
FileHash-MD5 5dad05ea17d53edb43aa273654db7378 2023-07-14
FileHash-MD5 7044a31e9cd7fdbf10e6beba08c78c6b 2023-07-14
FileHash-MD5 87c8423e0815d6467656093bff9aa193 2023-07-14
FileHash-MD5 92307435bfac8498bc03fd9370c9d1cd 2023-07-14
FileHash-MD5 92d6cc158608bcec74cf9856ab6c94e5 2023-07-14
FileHash-MD5 99f0102d673423c920af1abc22f66d4e 2023-07-14
FileHash-MD5 a579ab8b4f5ffc0c1a82ba818621eced 2023-07-14
FileHash-MD5 a827e07bd36e1e7c258fb27a18029e7a 2023-07-14
FileHash-MD5 b66fe14854d5c569a79f7b3df93d3191 2023-07-14
FileHash-MD5 c1a0f9d67c47ae5d7a34a63d5f1cf159 2023-07-14
FileHash-MD5 c77cbb5879170acbf6018ee2e141cc7e 2023-07-14
FileHash-MD5 cc61a23b635405c4b2f2f6dd1893ac7b 2023-07-14
FileHash-MD5 cc7f8017eebb512b17aa08d09b45b3e9 2023-07-14
FileHash-MD5 cfb6d7788c94857ac5e9899a70c710b6 2023-07-14
FileHash-MD5 e9be1816a7814acd5fe0b124ecb5bf08 2023-07-14
FileHash-MD5 f13b8eedde794e2a9a1e87c3a2b79bf4 2023-07-14
FileHash-MD5 f3d2a7861b25cb92541c066650ddee3f 2023-07-14
FileHash-MD5 f474ef57b8d4c767273927120e1c9b90 2023-07-14
FileHash-MD5 f60b75ddeaf9703277bb2dc36c0f114b 2023-07-14
FileHash-MD5 fb88d462dba2d9c51fbbf034d1c28ea6 2023-07-14
FileHash-MD5 ff43150d9ae2f906be4ac3911dd8da0d 2023-07-14
References (1)
↗ https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign