Type | IOC | Details |
File | cb782b40757d1aba7a3ab7db57b50847 | Path: /root/SystemHealt |
File | b27eb2159c808f844d60900e2c81a4df | Path: /root/AVscan |
Image | hildeteamtnt/avscan:latest | https://hub.docker.com/r/hildeteamtnt/avscan |
IP address | 45[.]9[.]148[.]123 | Attacker’s C2 server |
IP address | 178[.]255[.]151[.]130, 39[.]104[.]93[.]238 | Attacker’s IP address |
Domain | teamtnt[.]red | Attacker’s remote resource |