TeamTNT

1. https://pastebin.com/cwE5nYX0
2.  
3. #TeamTNT
4. #2021-09-13
5.  
6. #Reporter @r3dbU7z
7.  
8. Samples and shellscripts from
9.  
10. ip:45.9.148.182
11. ip: 85.214.149.236
12. url: chimaera.cc
13.  
14. ======BINARIES=======
15.  
16. #MD5 hashes
17.  
18. 11b7de7a921ca753ff9b5a0ec0e17719 -- aarch64.tar.gz
19. 4c53e77d74034027b7b3a38eba1427f9 -- i386.tar.gz
20. 0a2d5be103e24f29c0922b0e8e1cbc22 -- x86_64.tar.gz
21. b41d8cbcf817e68b5811131ea858c2f3 -- xmrig.tar.gz
22. 0e79ca46775244a46b52e627d385dea3 -- config.json
23. bebe468af7800246ddd3bee2bf91016a -- aarch64.xmrigDaemon
24. a9adffbdcec3ad04096fdcd7c11b2ed6 -- i386.xmrigDaemon
25. 9ad8c7cce30ba9a95ec2422cfa54b973 -- x86_64.xmrigDaemon
26. 58bff52bb16e3a8da5c64529ab41b727 -- aarch64.xmrigMiner
27. 80eebe053f85a7aa6c3a7dad9c6b32a8 -- i386.xmrigMiner
28. 6d40a14751bd49b3304eb00b04fa36a7 -- x86_64.xmrigMiner
29.  
30. #SHA256 hashes
31.  
32. f1a788466de258751a50e78cc97212c379e96b48e0ea22d62471083abd1346ef -- aarch64.tar.gz
33. 2aa187a9972b51969b2c3a7a301d8a3d48c31897096038d973d94d6f3a86d0b6 -- i386.tar.gz
34. f3745f612eb1d7ce60648b8e618f7e37a2d7b9876426c09ec3e49f4b2aace8a7 -- x86_64.tar.gz
35. 627acded34c9355fee73c503caf68a4db5c336a48bbfd598c6cb6833520d46f1 -- xmrig.tar.gz
36. 1d23ec8cf8af33f1ea9dd2a83b781ff2e0df59643a70a7435b3427bd18ddf89f -- config.json
37. b60131ece447d73f46d4d733e532e844e0a38c264f334dd624ed369f6a0b7214 -- aarch64.xmrigDaemon
38. c8061a1bef593b81410498219fd9d82503a69efc5a62eba75d72005134dcb3ae -- i386.xmrigDaemon
39. 19bf6023c07eac0aa88793a3322cfc32385bc00360cedff41c1f8c1f724cc8da -- x86_64.xmrigDaemon
40. a16b2d27f71184c69355e707377a9d3293403dfb24fa68ec46c49e4abf6368b8 -- aarch64.xmrigMiner
41. 0278536d687eeec6df391114b64356c10843bd9da73b5baca97831dfd32fb468 -- i386.xmrigMiner
42. 60c4ea9ee180c0272e191978f8f4271a8d4250d90557227556688991b182527e -- x86_64.xmrigMiner
43.  
44. =========SCRIPTS=========
45.  
46. #MD5 hashes
47.  
48. 51a4ba442533bd0d69e0da7dd46e3d9c -- clean.sh
49. e275c26583f08e6fdbb6045c7b2db647 -- CLEAN.other.miners.sh
50. e2fcb71452e7e4057d144bd1c525432a -- CLEAN.TeamTNT.sh
51. a8415b189839b9585193e2b2ec63d6f3 -- DockerAPI-SSH-BreakOut.sh
52. d41d8cd98f00b204e9800998ecf8427e -- grabber.sh
53. c491a19742c352b2c6221037dfac7a4a -- GRABBER_aws-cloud.sh
54. c491a19742c352b2c6221037dfac7a4a -- GRABBER_aws-cloud2.sh
55. 9ca7f7e428ff5e3dbe943efe8ed0df31 -- GRABBER_google-cloud.sh
56. f7b90d0f91ed25806d49ca281a7db10c -- init.sh
57. 419c721fd5eb8f740cb1f971af5dc745 -- init_main_root.sh
58. 12e307a30e453c6695669413ed7c08b6 -- install-NVIDIA-driver.sh
59. 4090469125917070c22203b7d973f52e -- Kubernetes.LAN.IP.Range.sh
60. 45fc2131a4e60bb7545a2b1b235d66ef -- Kubernetes_root_PayLoad_1.sh
61. 287794e108f3a4b07654ce83f6f41b38 -- Kubernetes_root_PayLoad_2.sh
62. ee9c391c98dee5331ac467854f0ae262 -- Kubernetes_root_PayLoad_2.2.sh
63. d88c87f1afb6de12d885fc0fbc33b605 -- Kubernetes_scan_LAN_IPs.sh
64. 940c1c591677efbe91d165751296dddd -- ld.so.preload.sh
65. d41d8cd98f00b204e9800998ecf8427e -- scan.kubernetes.lan.sh
66. b20ab8eb3c3db7d20cecf44024762bd2 -- Setup.User.curl.sh
67. 4f476e9ea8aed60e29bf06ffe758f841 -- Setup_ETH_Miner.sh
68. 7cced044d94a7ac6415598e663b46b26 -- Setup_ETH_MinerService.sh
69. bcf76b649b5c6016b4071d197b1ce111 -- setup_moneroocean_miner.sh
70. fb3346a3cb6add01efade50b53dd211f -- Setup_RainBow_Miner.sh
71. 80f3f20d5923c3a35022f065da9ea924 -- Setup_tmate.sh
72. b4da99888db0f0d6e89beaf8e2a23c78 -- Setup_WeaveScope.sh
73. fefbc41c9514a9a4f4c4e88ead3ebd89 -- ssh_user.sh
74. a5f280ef28bf7eea8785db7c05115d01 -- MOUNTSPLOIT_V2.sh.txt
75.  
76. #SHA256 hashes
77.  
78. 51a4ba442533bd0d69e0da7dd46e3d9c -- clean.sh
79. e275c26583f08e6fdbb6045c7b2db647 -- CLEAN.other.miners.sh
80. e2fcb71452e7e4057d144bd1c525432a -- CLEAN.TeamTNT.sh
81. a8415b189839b9585193e2b2ec63d6f3 -- DockerAPI-SSH-BreakOut.sh
82. d41d8cd98f00b204e9800998ecf8427e -- grabber.sh
83. c491a19742c352b2c6221037dfac7a4a -- GRABBER_aws-cloud.sh
84. c491a19742c352b2c6221037dfac7a4a -- GRABBER_aws-cloud2.sh
85. 9ca7f7e428ff5e3dbe943efe8ed0df31 -- GRABBER_google-cloud.sh
86. f7b90d0f91ed25806d49ca281a7db10c -- init.sh
87. 419c721fd5eb8f740cb1f971af5dc745 -- init_main_root.sh
88. 12e307a30e453c6695669413ed7c08b6 -- install-NVIDIA-driver.sh
89. 4090469125917070c22203b7d973f52e -- Kubernetes.LAN.IP.Range.sh
90. 45fc2131a4e60bb7545a2b1b235d66ef -- Kubernetes_root_PayLoad_1.sh
91. 287794e108f3a4b07654ce83f6f41b38 -- Kubernetes_root_PayLoad_2.sh
92. ee9c391c98dee5331ac467854f0ae262 -- Kubernetes_root_PayLoad_2.2.sh
93. d88c87f1afb6de12d885fc0fbc33b605 -- Kubernetes_scan_LAN_IPs.sh
94. 940c1c591677efbe91d165751296dddd -- ld.so.preload.sh
95. d41d8cd98f00b204e9800998ecf8427e -- scan.kubernetes.lan.sh
96. b20ab8eb3c3db7d20cecf44024762bd2 -- Setup.User.curl.sh
97. 4f476e9ea8aed60e29bf06ffe758f841 -- Setup_ETH_Miner.sh
98. 7cced044d94a7ac6415598e663b46b26 -- Setup_ETH_MinerService.sh
99. bcf76b649b5c6016b4071d197b1ce111 -- setup_moneroocean_miner.sh
100. fb3346a3cb6add01efade50b53dd211f -- Setup_RainBow_Miner.sh
101. 80f3f20d5923c3a35022f065da9ea924 -- Setup_tmate.sh
102. b4da99888db0f0d6e89beaf8e2a23c78 -- Setup_WeaveScope.sh
103. fefbc41c9514a9a4f4c4e88ead3ebd89 -- ssh_user.sh
104. a5f280ef28bf7eea8785db7c05115d01 -- MOUNTSPLOIT_V2.sh.txt
105.  
106. ===============
107.  
108. Archiv [45.9.148.182_Chimaera_shellscripts_#[email protected]] on VirusTotal ->
109.  
110. https://www.virustotal.com/gui/file/f07723e46a7b491d6dde6e66f2561539fd4a913ced6f8a36ae6edee5abf5d260/relations
111.  
112. Archiv [85.214.149.236_chimaera_miners_#[email protected]] on VirusTotal ->
113.  
114. https://www.virustotal.com/gui/file/b0d238ef2d081d498106d1463519e64646c90fbb2a740cd80026bd86ee22c836/relations