Behavioral task: behavioral1
Sample: Container Attacks 2022 - Desconocido.pdf
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: Container Attacks 2022 - Desconocido.pdf
Resource: win10v2004-20221111-en
General
Target: Container Attacks 2022 - Desconocido.pdf
Size: 6.8MB
MD5: febd4a44a4708560166b3ff8ebc98525
SHA1: b4d8b39063626a610fbbb994a66ffc5e9b02570b
SHA256: 0b17efe99f088b9eee33f3391b0b7bde34839e3aad18f03f452c04c607c3b50c
SHA512: 271020d11b06305d37a782f494186d7de9ce56101d5385ed213d5936597fe36e196e68019e064dadded6600eb97e8b8a8bf38d2760b614727d85824ffbe73f0c
SSDEEP: 98304:ajdRHso9h///////////dhZ77HHHHHHHHHHH4aTqQP5BgDrsp+1ixf:cdRn9h///////////dHjq4B2rx1i5
Malware Config
Signatures
Files
-
Container Attacks 2022 - Desconocido.pdf.pdf